[FOLIO-3561] folio-install TAMU: apk/apt upgrade fixing vulnerabilities Created: 24/Aug/22  Updated: 08/Mar/23  Resolved: 08/Mar/23

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Bug Priority: P3
Reporter: Julian Ladisch Assignee: jroot
Resolution: Done Votes: 0
Labels: security, security-reviewed
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to FOLIO-3562 Upgrade alpine:3.11 in alternative-in... Closed
Sprint:
Development Team: Other dev
RCA Group: Related dependency upgrade

 Description   

https://github.com/folio-org/folio-install/tree/master/alternative-install/kubernetes-rancher/TAMU

has several Dockerfiles that have vulnerable packages.

Adding apk upgrade or apt upgrade bumps to the latest patch version and fixes these vulnerabilities:



 Comments   
Comment by Ann-Marie Breaux (Inactive) [ 25/Aug/22 ]

Hi Julian Ladisch Which dev team should this be assigned to? Could you update that, and also the RCA value? Thank you!

Comment by Craig McNally [ 25/Aug/22 ]

Ann-Marie Breaux the TAMU devs are handling many of these, and there isn't a team in JIRA for them. As far as RCA value it isn't clear which value is most appropriate. We're taking an educated guess in many cases.

Comment by Ann-Marie Breaux (Inactive) [ 25/Aug/22 ]

Thanks, Craig McNally I'm going to assign Dev Team = Other, so they will drop out of the "bugs with no dev team" filter. Thank you!

Generated at Thu Feb 08 23:29:02 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.