UNCLASSIFIED

Merge branch 'release-gitlab-13-10-3' into 'development'

Update GitLab to the 13.10.3 Security Release

See merge request !70
20 jobs for development in 74 minutes and 55 seconds (queued for 138 minutes and 1 second)
Stage             Status  Job ID    Name                      Tags                       Duration
.Pre              passed  #2853965  load scripts              ironbank                   00:01:21
Preflight         passed  #2853967  folder structure          ironbank                   00:01:14
Preflight         passed  #2853968  hardening_manifest        ironbank                   00:01:28
Preflight         passed  #2853966  trufflehog                ironbank                   00:01:13
Lint              passed  #2853969  wl compare lint           ironbank                   00:01:39
Finding Compare   failed  #2853970  vat compare               ironbank, allowed to fail  00:02:22
Import Artifacts  passed  #2853971  import artifacts          ironbank                   00:01:38
Scan Artifacts    passed  #2853972  clamav scan               ironbank                   00:04:01
Build             passed  #2853973  build                     ironbank-isolated          00:06:10
Scanning          passed  #2853974  anchore scan              ironbank                   00:10:47
Scanning          passed  #2853975  openscap compliance       ironbank                   00:11:58
Scanning          passed  #2853976  openscap cve              ironbank                   00:37:23
Scanning          passed  #2853977  twistlock scan            ironbank                   00:04:30
Csv Output        passed  #2853978  csv output                ironbank                   00:03:50
Check Cves        failed  #2853979  check cves                ironbank, allowed to fail  00:05:23
Documentation     passed  #2853980  sign image                ironbank                   00:02:21
Documentation     passed  #2853981  sign manifest             ironbank                   00:01:20
Documentation     passed  #2853982  write json documentation  ironbank                   00:01:34
S3 Publish        passed  #2853983  upload to s3              ironbank                   00:05:25
Vat               passed  #2853984  vat                       ironbank                   00:00:57

Failed jobs (Name, Stage, Failure)

failed: check cves (stage: Check Cves)
ERROR: scan_source                   cve_id                        package                       package_path                  
Created wheel for pyrsistent: filename=pyrsistent-0.17.3-cp36-cp36m-linux_x86_64.whl size=55876 sha256=cc58174649644b2f5c6d789a72e24506ee4aad69d45c9337ec430461ae1172e0
ERROR: twistlock_cve CVE-2020-25658 rsa-4.7.2 None
Stored in directory: /tmp/pip-ephem-wheel-cache-qfphvttn/wheels/34/13/19/294da8e11bce7e563afee51251b9fa878185e14f4b5caf00cb
Successfully built pyrsistent
Installing collected packages: attrs, typing-extensions, zipp, importlib-metadata, pyrsistent, jsonschema
Successfully installed attrs-20.3.0 importlib-metadata-4.0.0 jsonschema-3.2.0 pyrsistent-0.17.3 typing-extensions-3.7.4.3 zipp-3.4.1
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1

failed: vat compare (stage: Finding Compare)
INFO: ('CVE-2021-20305', 'anchore_cve', 'nettle-3.4.1-2.el8\nhttps://access.redhat.com/security/cve/CVE-2021-20305', 'nettle-3.4.1-2.el8', None)
INFO: ('CVE-2021-20232', 'twistlock_cve', 'A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.', 'gnutls-3.6.14-7.el8_3', None)
INFO: ('CVE-2020-25613', 'anchore_cve', 'webrick-1.6.0\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25613\nVendor Specific Advisory URL: https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/\nVendor Specific Advisory URL: https://access.redhat.com/security/cve/cve-2020-25613\nBug Tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1883623\nMail List Post: https://groups.google.com/g/ruby-security-ann/c/Tft6hN4Q_DQ\nMail List Post: https://groups.google.com/g/ruby-security-ann/c/QWB0On3isQM\nVendor Specific News/Changelog Entry: https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7\nOther Advisory URL: https://hackerone.com/reports/965267\nGeneric Informational URL: https://us-cert.cisa.gov/ncas/bulletins/sb20-286\nBug Tracker: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV/\nBug Tracker: https://github.com/ruby/webrick/issues/57\nVendor Specific Solution URL: https://github.com/ruby/webrick/pull/61\nVendor Specific Advisory URL: https://www.oracle.com/security-alerts/bulletinoct2020.html\nVendor Specific News/Changelog Entry: https://security.netapp.com/advisory/ntap-20210115-0008/\nVendor Specific Advisory URL: https://ubuntu.com/security/notices/USN-4882-1\nVendor Specific Advisory URL: https://news.cpanel.com/easyapache-4-march-24-release/\nVendor Specific Advisory URL: https://forums.opensuse.org/showthread.php/551924-openSUSE-SU-2021-0471-1-important-Security-update-for-ruby2-5\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2021/suse-su-20210933-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1177125\nBug Tracker: 
https://bugzilla.suse.com/show_bug.cgi?id=1177222\n', 'webrick-1.6.0', '/usr/lib64/ruby/gems/2.7.0/specifications/default/webrick-1.6.0.gemspec')
Uploading artifacts for failed job
ci-artifacts/compare/: found 2 matching files and directories
Uploading artifacts...
Uploading artifacts as "archive" to coordinator... ok
id=2853970 responseStatus=201 Created token=J5smxdfB
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4