SQL Server 2019 RHEL 8

Summary

Request to update an application in Iron Bank.

Version: SQL Server 2019 ver. 15.04280.7 (RHEL 8 Container)

This application is "archived," but current version on Ironbank has been flagged for IAVM vulnerability 2023-A-0086 which requires an update to SQL Server 2019 version 15.04280.7. Is there any way this image can be updated in IronBank?

Tasks

Contributor:

• Update Dockerfile, hardening_manifest.yaml and adhere to Iron Bank requirements
• Ensure container builds successfully in the Iron Bank pipeline prior to creating an Merge Request to Development.
• Provide justifications for findings in the VAT
• Open a Merge Request from your branch to development
• Apply the ~"Hardening::Review" label to this issue and wait for feedback

Note: You must manually apply the ~"Hardening::Review" label in order to have a CHT member review your merge request.

Iron Bank:

• Merge contributor branch to development
• Review findings and justifications
• Merge development to master and close issue

Note: If the above approval process is rejected for any reason, the Hardening::Approval label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Hardening::Approval label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Please read the Iron Bank Documentation for more info