Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade python from 3.11.8-slim-bookworm to 3.12.4-slim-bookworm #4067

Closed
wants to merge 7,118 commits into from
Closed

[Snyk] Security upgrade python from 3.11.8-slim-bookworm to 3.12.4-slim-bookworm #4067

wants to merge 7,118 commits into from

Conversation

rubenfiszel
Copy link
Contributor

@rubenfiszel rubenfiszel commented Jul 12, 2024
edited by ellipsis-dev bot
Loading

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • Dockerfile

We recommend upgrading to python:3.12.4-slim-bookworm, as this image has only 47 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Allocation of Resources Without Limits or Throttling
SNYK-DEBIAN12-SYSTEMD-6277507		   614  
high severity Allocation of Resources Without Limits or Throttling
SNYK-DEBIAN12-SYSTEMD-6277507		   614  
medium severity Improper Check for Unusual or Exceptional Conditions
SNYK-DEBIAN12-OPENSSL-6048820		   514  
medium severity Out-of-bounds Write
SNYK-DEBIAN12-OPENSSL-6148845		   514  
medium severity CVE-2024-0727
SNYK-DEBIAN12-OPENSSL-6190223		   514  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

🚀 This description was created by Ellipsis for commit 46d1d14

Summary:

Update Dockerfile to use python:3.12.4-slim-bookworm to fix security vulnerabilities.

Key points:

  • Update Dockerfile to use python:3.12.4-slim-bookworm instead of python:3.11.8-slim-bookworm.
  • Fixes vulnerabilities: SNYK-DEBIAN12-SYSTEMD-6277507, SNYK-DEBIAN12-OPENSSL-6048820, SNYK-DEBIAN12-OPENSSL-6148845, SNYK-DEBIAN12-OPENSSL-6190223.
  • No changes to application code, only Docker base image update.

Generated with ❤️ by ellipsis.dev

HugoCasa and others added 30 commits June 7, 2024 22:08
@HugoCasa
fix: remove main decorator after split from end of file during py imp…
f29f71b 
…orts parsing (#3887)

* fix: remove main decorator after split from end of file during py imports parsing

* fix: nit
@rubenfiszel
feat: track dependency map for bun + inline script of flows
5ae8592
@rubenfiszel
update rust image to 1.78
56b33e0
@rubenfiszel
return flow value in flow dependency job
26822d9
@rubenfiszel
update tests
13cda8b
@rubenfiszel
remove all warnings
38ed825
@rubenfiszel
feat(cli): add wmill flow generate-locks
1957ca0
@rubenfiszel
chore(main): release 1.343.0 (#3875)
c72c530 
* chore(main): release 1.343.0

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix: fix reorder of args in schema form
61bb069
@rubenfiszel
fix: update deno_core to latest to work better with rust 1.78 (#3890)
ec248dd
@rubenfiszel
chore(main): release 1.343.1 (#3889)
0f7f900 
* chore(main): release 1.343.1

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix: fix nativets scripts
36d0c4e
@rubenfiszel
chore(main): release 1.343.2 (#3891)
2adb2fc 
* chore(main): release 1.343.2

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
add lokalize exception to import map
ce65d5c
@rubenfiszel
fix: improve init script handling of windows newlines
eb068fd
@rubenfiszel
fix: flow args should always render in test flow
1be0bfa
@rubenfiszel
chore(main): release 1.343.3 (#3892)
da03a45 
* chore(main): release 1.343.3

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@fatonramadani
fix(frontend): Fix Timeline/Node Status tab zIndex (#3894)
609f332
@wendrul
feat: cancel jobs based on filters (#3874)
7474145 
* WIP

* Add endpoint to cancel jobs

* Fix endpoints and add modal to cancel jobs

* Add useful tooltips and warnings

* Fix openapi.yml

* Prepare sqlx

* Prepare sqlx

* Select jobs to cancel

* Prepare sqlx

* Remove unused variable

* Make small fixes

- gap between buttons
- dropdown in one button with chevron instead of two buttons
- filters shown on the cancel filtered modal
@rubenfiszel
fix(backend): wrong previous result used in flow for-loop
dcff6e9
@rubenfiszel
chore(main): release 1.344.0 (#3895)
24c2cc1 
* chore(main): release 1.344.0

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix go client build
26e21d5
@wendrul
fix: cancel jobs button missing chevron (#3896)
b9092e5
@rubenfiszel
fix: upgrade deno to 1.44.1
f8f6d8b
@rubenfiszel
fix: fix dependency tracking for single scripts
5f119de
@rubenfiszel
chore(main): release 1.344.1 (#3897)
9307f31 
* chore(main): release 1.344.1

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix: fix dependency tracking for single scripts
28d7510
@rubenfiszel
chore(main): release 1.344.2 (#3898)
6c4ef79 
* chore(main): release 1.344.2

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix: fix dependency tracking for single scripts
c966979
@rubenfiszel
chore(main): release 1.344.3 (#3899)
4b7ff22 
* chore(main): release 1.344.3

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel rubenfiszel closed this Nov 2, 2024
@rubenfiszel rubenfiszel deleted the snyk-fix-a1d1c8d358ade73fc51522a7eaa0e7c3 branch November 2, 2024 17:44
@github-actions github-actions bot locked and limited conversation to collaborators Nov 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

@fatonramadani fatonramadani Awaiting requested review from fatonramadani

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@rubenfiszel @HugoCasa @fatonramadani @wendrul @klees @dannysummerlin @hcourdent @Guilhem-lm @snyk-bot