Skip to content

[Snyk] Security upgrade golang from 1.14 to bullseye#35

Closed
jentfoo wants to merge 1 commit intomasterfrom
snyk-fix-748e20948f36d8b96ea7e0503af5ec56
Closed

[Snyk] Security upgrade golang from 1.14 to bullseye#35
jentfoo wants to merge 1 commit intomasterfrom
snyk-fix-748e20948f36d8b96ea7e0503af5ec56

Conversation

@jentfoo
Copy link
Copy Markdown

@jentfoo jentfoo commented Apr 21, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile.integration

We recommend upgrading to golang:bullseye, as this image has only 98 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 614 Integer Overflow or Wraparound
SNYK-DEBIAN10-OPENSSL-1075326		 No Known Exploit
critical severity 714 Buffer Overflow
SNYK-DEBIAN10-OPENSSL-1569403		 No Known Exploit
high severity 614 Out-of-bounds Read
SNYK-DEBIAN10-OPENSSL-1569406		 No Known Exploit
high severity 614 Loop with Unreachable Exit Condition ('Infinite Loop')
SNYK-DEBIAN10-OPENSSL-2426310		 No Known Exploit
high severity 614 NULL Pointer Dereference
SNYK-DEBIAN10-SUBVERSION-1071814		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@verygoodbot
Copy link
Copy Markdown

verygoodbot commented Apr 21, 2022

🍄 Trufflehog Scan

Secrets FOUND!

Show Output 

~~~~~~~~~~~~~~~~~~~~~
Reason: GitHub
Date: 2022-04-21 19:17:16
Hash: 8359435887ac578fa4c850026c7d6eba8e2aa26e
Filepath: repokitteh.star
Branch: origin/snyk-fix-748e20948f36d8b96ea7e0503af5ec56
Commit: fix: Dockerfile.integration to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1075326
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-2426310
- https://snyk.io/vuln/SNYK-DEBIAN10-SUBVERSION-1071814
github.com/repokitteh/modules", "4ee2ed0c3622aad7fcddc04cb5dc866e44a541e6"
~~~~~~~~~~~~~~~~~~~~~

@jentfoo jentfoo closed this Aug 2, 2022
@jentfoo jentfoo deleted the snyk-fix-748e20948f36d8b96ea7e0503af5ec56 branch August 2, 2022 22:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jentfoo @verygoodbot @snyk-bot