Merge Request for dockerfile/hardening manifest rewrite
Summary
Container has new findings discovered during continuous monitoring.
Merge request (!140 (merged)) for updating the dockerfile and hardening manifest to support easier updating of packages to latest versions
All CVEs from feature branch are justified in VAT (https://vat.dso.mil/vat/container/16066?branch=hardening_manifest_rewrite_AC)
Definition of Done
Justifications:
-
All findings have been justified -
Justifications have been provided to the container hardening team -
Approvallabel has been applied
Note: The justifications must be provided in a timely fashion. Failure to do so could result in new findings being identified which may start this process over.
Approval Process:
-
Findings Approver has reviewed and approved all justifications -
Approval request has been sent to Authorizing Official -
Approval request has been processed by Authorizing Official
Note: If the above approval process is kicked back for any reason, the Approval label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you may re-add the Approval label.