UNCLASSIFIED

Skip to content

GitLab

install cffi as part of main install

15 jobs for update-packages in 17 minutes and 34 seconds (queued for 21 seconds)
8b1d2c5d
No related merge requests found.
Status Job ID Name Coverage
  .Pre
passed #2826573
ironbank
load scripts

00:00:09

 
  Preflight
passed #2826575
ironbank
folder structure

00:00:09

passed #2826576
ironbank
hardening_manifest

00:00:12

passed #2826574
ironbank
trufflehog

00:00:08

 
  Lint
passed #2826577
ironbank
wl compare lint

00:00:11

 
  Finding Compare
failed #2826578
ironbank allowed to fail
vat compare

00:00:08

 
  Import Artifacts
passed #2826579
ironbank
import artifacts

00:00:12

 
  Scan Artifacts
passed #2826580
ironbank
clamav scan

00:14:57

 
  Build
failed #2826581
ironbank-isolated
build

00:01:41

 
  Scanning
skipped #2826585
ironbank
anchore scan
skipped #2826582
ironbank
openscap compliance
skipped #2826583
ironbank
openscap cve
skipped #2826584
ironbank
twistlock scan
 
  Csv Output
skipped #2826586
ironbank
csv output
 
  Check Cves
skipped #2826587
ironbank allowed to fail
check cves
 
Name Stage Failure
failed
build Build 
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/build/: found 1 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2826581 responseStatus=201 Created token=AQCsijf9
Uploading artifacts...
WARNING: build.env: no matching files              
ERROR: No files to upload                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
INFO: ('CVE-2021-23840', 'anchore_cve', 'openssl-1.1.1g-15.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-23840', 'openssl-1.1.1g-15.el8_3', None)
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-pam-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-pam-239-41.el8_3.1', None)
INFO: ('CVE-2021-23841', 'twistlock_cve', 'The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).', 'openssl-1.1.1g-15.el8_3', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2826578 responseStatus=201 Created token=N9j1G9Rx
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED