mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
bfe3b186d3
For #28837. Fixing this all of this because we got multiple reports from the community and customers and these were also detected by Amazon Inspector. - Fixes CVE-2025-22871 by upgrading Go from 1.24.1 to 1.24.2. - `docker scout` now fails the daily scheduled action if there are CRITICAL,HIGH CVEs (we missed setting `exit-code: true`). - Report CVE-2025-46569 as not affected by it because of our use of OPA's go package. - Report CVE-2024-8260 as not affected by it because Fleet doesn't run on Windows. - The `security/status.md` shows a lot of changes because we are now sorting CVEs so that newest come first. --- - [X] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Make sure fleetd is compatible with the latest released version of Fleet (see [Must rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/fleetd-development-and-release-strategy.md)). - [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit feature/bugfix should only apply to one platform (`runtime.GOOS`). - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). - [ ] For unreleased bug fixes in a release candidate, confirmed that the fix is not expected to adversely impact load test results or alerted the release DRI if additional load testing is needed. |
||
|---|---|---|
| .. | ||
| Dockerfile | ||
| loadtest.Dockerfile | ||