gdal issueshttps://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues2023-11-15T20:13:02Zhttps://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/41Archive request2023-11-15T20:13:02ZPatrick EinheberArchive request## Summary
Requesting this application be archived due to one of the following reasons:
- [ ] Version is no longer supported by vendor
- [ ] Application is End-Of-Life
- [ ] License violation.
- [X] Other. See below.
## Detailed Descri...## Summary
Requesting this application be archived due to one of the following reasons:
- [ ] Version is no longer supported by vendor
- [ ] Application is End-Of-Life
- [ ] License violation.
- [X] Other. See below.
## Detailed Description
Contributor no longer needs this and is not maintaining.
https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/40#note_1621443
## Tasks
- [ ] Application has been reviewed for archival
- [ ] Project is officially marked as stale
- [ ] Iron Bank frontend no longer lists application as available or verified
Please read the [Iron Bank Documentation](https://docs-ironbank.dso.mil/) for more infoJosh KesslerJeffrey GolubaJosh Kesslerhttps://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/40Renovate: Update dependency OSGeo/gdal to v3.7.22023-11-14T20:58:09ZGhost UserRenovate: Update dependency OSGeo/gdal to v3.7.2
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Status::Verification`
- [ ] Merge deve...
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Status::Verification`
- [ ] Merge development into masterrenovateJosh Kesslerrenovate2023-10-07https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/37chore(findings): opensource/gdal/gdal2023-11-15T05:39:10ZGhost Userchore(findings): opensource/gdal/gdal## Summary
opensource/gdal/gdal has 65 new findings discovered during continuous monitoring.
id | source | severity | package
-- | ------ | -------- | -------
CVE-2022-41862 | Anchore CVE | Low | libpq-13.5-1.el8
CVE-2021-29390 | Ancho...## Summary
opensource/gdal/gdal has 65 new findings discovered during continuous monitoring.
id | source | severity | package
-- | ------ | -------- | -------
CVE-2022-41862 | Anchore CVE | Low | libpq-13.5-1.el8
CVE-2021-29390 | Anchore CVE | Medium | libjpeg-turbo-1.5.3-12.el8
CVE-2023-27043 | Anchore CVE | Medium | python38-libs-3.8.16-1.module+el8.8.0+18967+20d359ae.1
CVE-2023-27043 | Anchore CVE | Medium | python38-3.8.16-1.module+el8.8.0+18967+20d359ae.1
CVE-2023-25433 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-26966 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-4645 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-3570 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-30775 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-3576 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-30774 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-38288 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-38289 | Anchore CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-1916 | Anchore CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-20225 | Anchore CVE | High | pip-23.3
CCE-84036-3 | OSCAP Compliance | Medium |
CCE-86534-5 | OSCAP Compliance | Medium |
CCE-85888-6 | OSCAP Compliance | Medium |
CCE-84038-9 | OSCAP Compliance | Medium |
CVE-2020-35538 | Twistlock CVE | Low | libjpeg-turbo-1.5.3-12.el8
CVE-2022-3857 | Twistlock CVE | Low | libpng-1.6.34-5.el8
CVE-2019-7317 | Twistlock CVE | Low | libpng-1.6.34-5.el8
CVE-2022-41862 | Twistlock CVE | Low | libpq-13.5-1.el8
CVE-2021-29390 | Twistlock CVE | Medium | libjpeg-turbo-1.5.3-12.el8
CVE-2022-40897 | Twistlock CVE | Medium | python38-setuptools-41.6.0-5.module+el8.5.0+12205+a865257a
CVE-2022-40897 | Twistlock CVE | Medium | python38-setuptools-wheel-41.6.0-5.module+el8.5.0+12205+a865257a
CVE-2017-17095 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-41175 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-40745 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-3618 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-40090 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-3599 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-3598 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-30775 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-30774 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-0798 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-0797 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-0796 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-0795 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-4645 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-3576 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-3316 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-3164 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-30086 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-26966 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-26965 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-25435 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-25434 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-25433 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2023-0799 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2022-3570 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2018-16335 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2018-15209 | Twistlock CVE | Medium | libtiff-4.0.9-29.el8_8
CVE-2019-6128 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2023-1916 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2022-1354 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2022-1056 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2020-18768 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-10779 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-17101 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-5360 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-19210 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-10801 | Twistlock CVE | Low | libtiff-4.0.9-29.el8_8
CVE-2018-25091 | Twistlock CVE | Medium | python38-pip-19.3.1-6.module+el8.7.0+15823+8950cfa7
CVE-2018-25091 | Twistlock CVE | Medium | python38-pip-wheel-19.3.1-6.module+el8.7.0+15823+8950cfa7
VAT: https://vat.dso.mil/vat/image?imageName=opensource/gdal/gdal&tag=v3.5.1&branch=master<br>More information can be found in the failed pipeline located here: https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/jobs/23396393
## Tasks
Contributor:
- [ ] Provide justifications for findings in the [VAT](https://vat.dso.mil) ([docs](https://docs-ironbank.dso.mil/hardening/justifications/))
- [ ] Apply the ~"Hardening::Verification" label to this issue and wait for feedback
Iron Bank:
- [ ] Review findings and justifications
> Note: If the above process is rejected for any reason, the `Verification` label will be removed and the issue will be sent back to `Open`. Any comments will be listed in this issue for you to address. Once they have been addressed, you **must** re-add the `Verification` label.
## Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add `/cc @ironbank-notifications/onboarding`.
Additionally, Iron Bank hosts an [AMA](https://www.zoomgov.com/meeting/register/vJIsf-ytpz8qHSN_JW8Hl9Qf0AZZXSCSmfo) working session every Wednesday from 1630-1730EST to answer questions.Josh KesslerJosh Kessler2023-07-15https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/35Renovate: Update registry1.dso.mil/ironbank/opensource/python Docker tag to v...2023-11-12T03:04:07ZGhost UserRenovate: Update registry1.dso.mil/ironbank/opensource/python Docker tag to v3.11.4
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Hardening::Verification`
- [ ] Merge d...
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Hardening::Verification`
- [ ] Merge development into masterrenovateJosh Kesslerrenovate2023-06-15https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/29Renovate: Update dependency OSGeo/gdal to v3.6.12023-11-12T03:04:09ZGhost UserRenovate: Update dependency OSGeo/gdal to v3.6.1
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Hardening::Approval`
- [ ] Merge devel...
Renovate has identified updated artifacts for this project.
Definition of Done:
- [ ] Merge topic branch into development
- [ ] If there are new findings, attach justifications
- [ ] Assign label `Hardening::Approval`
- [ ] Merge development into masterrenovateJosh Kesslerrenovate2022-12-19https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/19Add NetCDF support2023-11-13T03:04:08Zajriggs29Add NetCDF support## Feature description
Include NetCDF driver in GDAL container installation. Alternatively provide method/instructions for including extra drivers, !55 may be a step in this direction but seems to only support a FileGDB driver.
## Use ...## Feature description
Include NetCDF driver in GDAL container installation. Alternatively provide method/instructions for including extra drivers, !55 may be a step in this direction but seems to only support a FileGDB driver.
## Use cases
NetCDF is a relatively common raster data format and is widely used by a number of organizations. Adding support would allow wider-spread use of this hardened GDAL image.
## Benefits
Allows this image to read and write NetCDF files.
## Requirements
This driver requires the packages `netcdf` (runtime) and `netcdf-devel` (build) and the configure command passed the flag `--with-netcdf`
## Links / references
- <https://gdal.org/drivers/raster/netcdf.html>
- https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/issues/10
- https://repo1.dso.mil/dsop/opensource/gdal/gdal/-/merge_requests/55
## Tasks
- [ ] Feature has been implementedJosh KesslerJosh Kessler