Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alpine version used in images requires update #262

Closed
emiran-orange opened this issue Oct 10, 2023 · 0 comments · Fixed by #263
Closed

Alpine version used in images requires update #262

emiran-orange opened this issue Oct 10, 2023 · 0 comments · Fixed by #263

Comments

@emiran-orange
Copy link
Contributor

emiran-orange commented Oct 10, 2023
edited
Loading

Describe the problem/challenge you have
Alpine 3.14.8 contains vulnerabilities related to CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464.
It seems that these vulnerabilities cannot be exploited as the binary only expose insecured metrics endpoint but, you know, security right ?...

Describe the solution you'd like
An update of the Alpine version used

Anything else you would like to add:
None that I think of

Environment:

  • LVM Driver version: 1.3.0
  • Kubernetes version (use kubectl version): Not relevant
  • Kubernetes installer & version: Not relevant
  • Cloud provider or hardware configuration: Not relevant
  • OS (e.g. from /etc/os-release): Not relevant
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore(build) Bump alpine version from 3.14.8 to 3.18.4 emiran-orange/lvm-localpv
1 participant
@emiran-orange