UNCLASSIFIED

Skip to content

GitLab

Merge branch 'renovate/docker-openpolicyagent-kube-mgmt-0.13' into 'development' 

Update openpolicyagent/kube-mgmt:0.13 Docker digest to 571c154

See merge request !11
19 jobs for development in 10 minutes and 48 seconds (queued for 12 minutes and 25 seconds)
ff6ae6ce
1 related merge request: !12 bump 0.13
Status Job ID Name Coverage
  .Pre
passed #2575187
ironbank
load scripts

00:00:07

 
  Preflight
passed #2575188
ironbank
folder structure

00:00:05

passed #2575189
ironbank
hardening_manifest

00:00:10

 
  Lint
passed #2575190
ironbank
wl compare lint

00:00:10

 
  Finding Compare
failed #2575191
ironbank allowed to fail
vat compare

00:00:08

 
  Import Artifacts
passed #2575192
ironbank
import artifacts

00:00:14

 
  Scan Artifacts
passed #2575193
ironbank
clamav scan

00:00:29

 
  Build
passed #2575194
ironbank-isolated
build

00:01:37

 
  Scanning
passed #2575198
ironbank
anchore scan

00:01:42

passed #2575195
ironbank
openscap compliance

00:00:48

passed #2575196
ironbank
openscap cve

00:04:43

passed #2575197
ironbank
twistlock scan

00:00:20

 
  Csv Output
passed #2575199
ironbank
csv output

00:00:48

 
  Check Cves
passed #2575200
ironbank
check cves

00:00:15

 
  Documentation
passed #2575201
ironbank
sign image

00:00:24

passed #2575202
ironbank
sign manifest

00:00:18

passed #2575203
ironbank
write json documentation

00:00:18

 
  Publish
passed #2575204
ironbank
upload to s3

00:01:09

 
  Vat
passed #2575205
ironbank
vat

00:00:28

 
Name Stage Failure
failed
vat compare Finding Compare 
('CVE-2021-22876', 'twistlock_cve', 'curl 7.1.1 to and including 7.75.0 is vulnerable to an \\"Exposure of Private Personal Information to an Unauthorized Actor\\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.', 'curl-7.61.1-14.el8_3.1', None)
('CVE-2021-23841', 'anchore_cve', 'openssl-1.1.1g-15.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-23841', 'openssl-1.1.1g-15.el8_3', None)
('CVE-2021-28153', 'twistlock_cve', 'An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)', 'glib2-2.56.4-8.el8', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2575191 responseStatus=201 Created token=RyMk1Qhb
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED