Vulnerability Static Analysis for Containers
APACHE-2.0 License
Bot releases are visible (Hide)
Highlights:
The minimum TLS version is now 1.2.
Previously, servers also allowed 1.1 connections.
Claircore is updated to v1.5.25:
rhcc, rhel: support compression of sideband data
datastore: add "delta" update interface
java: size buffers correctly before use
postgres: remove internal timeouts
integration: make PGVERSION
a pattern
Additionally, the version used is now read from the distributed
manifest, rather than hard-coded versions. Other than occasional network
calls to fetch this manifest, users shouldn't notice any difference.
alpine: add edge support
rpm: support PGP V4 signatures
jsonblob: add a disk buffering step
This makes the API trickier but given that there's a single (known and
intended) user, this should be fine.
tarfs: check a potential interger overflow
The possibility of exploiting this is effectively 0, as it would require
more bytes to represent a sufficiently large integer than is available
in the tar header.
See also: https://github.com/quay/claircore/security/code-scanning/5
gobin: take into account package replacements
all: purge http.DefaultClient
usage
This change breaks some API in exchange for unifying the *http.Client
handling. The practical upshot is that it's much easier to control the
network contact surface.
all: share single FS implementation
This change should improve memory usage.
libindex: move to O_TMPFILE fetcher
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] about 1 year ago
admin
subcommandPublished by github-actions[bot] over 1 year ago
cmd.LoadConfig
cmd.LoadConfig
go get
commandPublished by github-actions[bot] over 1 year ago
Published by github-actions[bot] over 1 year ago
set-output
clairctl
binariesrequest_id
to logsPublished by github-actions[bot] almost 2 years ago
Published by github-actions[bot] almost 2 years ago
Published by github-actions[bot] about 2 years ago
docker-compose
versionPublished by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] over 2 years ago
Published by github-actions[bot] almost 3 years ago
Published by github-actions[bot] almost 3 years ago