UNCLASSIFIED

Merge branch 'pre-development' into 'development'

update JAR to fix CVEs

See merge request !15
20 jobs for development in 12 minutes and 26 seconds (queued for 13 minutes and 14 seconds)
Status Job ID Name Coverage
  .Pre
passed #2850373
ironbank
load scripts

00:00:07

 
  Preflight
passed #2850375
ironbank
folder structure

00:00:05

passed #2850376
ironbank
hardening_manifest

00:00:11

passed #2850374
ironbank
trufflehog

00:00:06

 
  Lint
passed #2850377
ironbank
wl compare lint

00:00:10

 
  Finding Compare
failed #2850378
ironbank allowed to fail
vat compare

00:00:10

 
  Import Artifacts
passed #2850379
ironbank
import artifacts

00:00:11

 
  Scan Artifacts
passed #2850380
ironbank
clamav scan

00:00:49

 
  Build
passed #2850381
ironbank-isolated
build

00:02:28

 
  Scanning
passed #2850382
ironbank
anchore scan

00:02:12

passed #2850383
ironbank
openscap compliance

00:01:12

passed #2850384
ironbank
openscap cve

00:04:19

passed #2850385
ironbank
twistlock scan

00:00:24

 
  Csv Output
passed #2850386
ironbank
csv output

00:00:56

 
  Check Cves
passed #2850387
ironbank
check cves

00:00:17

 
  Documentation
passed #2850388
ironbank
sign image

00:00:42

passed #2850389
ironbank
sign manifest

00:00:23

passed #2850390
ironbank
write json documentation

00:00:23

 
  S3 Publish
passed #2850391
ironbank
upload to s3

00:01:51

 
  Vat
passed #2850392
ironbank
vat

00:00:08

 
Name Stage Failure
failed
vat compare Finding Compare
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-libs-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-libs-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-tools-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-tools-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.1', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories

Uploading artifacts as "archive" to coordinator... ok
id=2850378 responseStatus=201 Created token=W5yxgMib
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4