CVE-2023-24998

Summary

Request to update an application in Iron Bank.

Version: 8.5.85

Tasks

Contributor:

Update Dockerfile, hardening_manifest.yaml and adhere to Iron Bank requirements
Ensure container builds successfully in the Iron Bank pipeline
Provide justifications for findings in the VAT (docs)
Open a Merge Request from your branch to development
Apply the ~"Hardening::Review" label to this issue and wait for feedback

Iron Bank:

Merge contributor branch to development
Review findings and justifications
Send approval request to Authorizing Official
Merge development to master and close issue after approval from Authorizing Official

Note: If the above approval process is rejected for any reason, the Hardening::Review label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Hardening::Review label.

Questions?

I noticed for this repository there is no renovate.json to handle this type of update automatically, can that be added to keep current with the latest release of 8.x?

Edited Mar 09, 2023 by Al Fontaine

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information