Running with gitlab-runner 13.8.0 (775dd39d)
  on global-shared-gitlab-runner-89dbd4db8-mnp6b RKzCU9YR
section_start:1618238625:resolve_secrets
Resolving secrets
section_end:1618238625:resolve_secrets
section_start:1618238625:prepare_executor
Preparing the "kubernetes" executor
Using Kubernetes namespace: gitlab-runner
WARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom
Using Kubernetes executor with image ${GITLAB_INTERNAL_REGISTRY}/ironbank-tools/ironbank-pipeline/ib-pipeline-image:0.1 ...
section_end:1618238625:prepare_executor
section_start:1618238625:prepare_script
Preparing environment
Waiting for pod gitlab-runner/runner-rkzcu9yr-project-4877-concurrent-0tgk6s to be running, status is Pending
Running on runner-rkzcu9yr-project-4877-concurrent-0tgk6s via global-shared-gitlab-runner-89dbd4db8-mnp6b...
section_end:1618238628:prepare_script
section_start:1618238628:get_sources
Getting source from Git repository
Fetching changes with git depth set to 50...
Initialized empty Git repository in /builds/dsop/opensource/spark-operator/spark-py/.git/
Created fresh repository.
Checking out 7ecf404f as development...

Skipping Git submodules setup
section_end:1618238628:get_sources
section_start:1618238628:download_artifacts
Downloading artifacts
Downloading artifacts for hardening_manifest (2698352)...
Downloading artifacts from coordinator... ok        id=2698352 responseStatus=200 OK token=anTAYeNF
Downloading artifacts for load scripts (2698350)...
Downloading artifacts from coordinator... ok        id=2698350 responseStatus=200 OK token=zZRt1qFx
Downloading artifacts for wl compare lint (2698353)...
Downloading artifacts from coordinator... ok        id=2698353 responseStatus=200 OK token=bNAzp1HU
section_end:1618238629:download_artifacts
section_start:1618238629:step_script
Executing "step_script" stage of the job script
$ mkdir -p "${ARTIFACT_DIR}"
$ set +e
$ python3 "${PIPELINE_REPO_DIR}/stages/vat-finding-compare/vat_findings.py"
INFO: Log level set to info
INFO: api set length: 99
INFO: db set length: 128
INFO: Number of findings in api not in query: 13
INFO: There are inherited CVEs returned by the api that are not returned by query
INFO: Findings from api not in direct query
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-libs-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-libs-1.12.8-12.el8_3', None)
INFO: ('CVE-2021-23840', 'anchore_cve', 'openssl-libs-1.1.1g-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-23840', 'openssl-libs-1.1.1g-12.el8_3', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-common-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-common-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-tools-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-tools-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-pam-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-pam-239-41.el8_3.1', None)
INFO: ('CVE-2020-26137', 'anchore_cve', 'urllib3-1.24.2\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-26137', 'urllib3-1.24.2', '/usr/lib/python3.6/site-packages/urllib3')
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-1.12.8-12.el8_3', None)
INFO: ('VULNDB-115884', 'anchore_cve', 'urllib3-1.24.2\nVendor Specific News/Changelog Entry: https://hg.python.org/cpython/raw-file/80ccce248ba2/Misc/NEWS\nVendor Specific Advisory URL: http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg3T1024236\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162887-1.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162653-1.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162106-1.html\nVendor Specific Advisory URL: http://www.splunk.com/view/SP-CAAAPSR\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162859-1.html\nVendor Specific Advisory URL: https://www.ubuntu.com/usn/usn-3134-1/\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003021\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003023\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003024\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003026\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003025\nVendor Specific Advisory URL: https://www.cloudfoundry.org/usn-3134-1/\nVendor Specific Advisory URL: https://pivotal.io/security/usn-3134-1\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003027\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg400003028\nVendor Specific Advisory URL: http://www.splunk.com/view/SP-CAAAPSV\nVendor Specific Advisory URL: http://www.splunk.com/view/SP-CAAAPUE\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2016-1626.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2016-1627.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2016-1628.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2016-1629.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2016-1630.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2016/suse-su-20162270-1.html\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=isg3T1024732\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=swg21994353\nVendor Specific Advisory URL: https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=migr-5099557\nVendor Specific Advisory URL: http://www-01.ibm.com/support/docview.wss?uid=nas8N1021926\nVendor Specific News/Changelog Entry: http://www-01.ibm.com/support/docview.wss?uid=swg22002854\nVendor Specific Advisory URL: http://www-01.ibm.com/support/docview.wss?uid=swg22008901\nOther Advisory URL: https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf\nOther Advisory URL: http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html\nVendor Specific News/Changelog Entry: http://bugs.python.org/issue22928\nMail List Post: http://seclists.org/oss-sec/2016/q2/539\nMail List Post: http://seclists.org/oss-sec/2016/q2/542\nVendor Specific Solution URL: https://hg.python.org/cpython/rev/bf3e1c9b80e9\nVendor Specific Solution URL: https://hg.python.org/cpython/rev/1c45047c5102\nOther Advisory URL: http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html\nMail List Post: http://seclists.org/oss-sec/2016/q2/559\nVendor Specific News/Changelog Entry: https://bugzilla.redhat.com/show_bug.cgi?id=1303699\nVendor Specific News/Changelog Entry: https://sourceware.org/bugzilla/show_bug.cgi?id=20018\nMail List Post: http://seclists.org/fulldisclosure/2016/Jun/33\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-5699\nVendor Specific Advisory URL: https://support.f5.com/csp/#/article/K10420455\nBug Tracker: https://bugs.python.org/issue30458\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2018/08/cert_XRX18-028_FFPSv7_DvdUsb-Bulletin_Aug2018.pdf\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2018/08/cert_XRX18-029_FFPSv8_DvdUsb-Bulletin_Aug2018.pdf\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2018/08/cert_XRX18-030_FFPSv9_DvdUsb-Bulletin_Aug2018.pdf\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2018/08/cert_XRX18-035_FFPSv7_v9_UM-Bulletin_Aug2018.pdf\nVendor Specific Advisory URL: https://www.a10networks.com/support/security-advisories/system-vulnerabilities-no2-acos-3x-4x\nVendor Specific Advisory URL: https://www.a10networks.com/sites/default/files/security-advisories/System-Vulnerabilities-No2-ACOS-3x-4x.pdf\nVendor Specific Advisory URL: https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20190223-1/\nBug Tracker: https://bugs.python.org/issue35906\nVendor Specific Solution URL: https://github.com/python/cpython/commit/91e4c96c2a75b3da40ad36413e92f61c17b04d10\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html\nOther Advisory URL: http://www.openwall.com/lists/oss-security/2016/06/14/7\nOther Advisory URL: http://www.openwall.com/lists/oss-security/2016/06/15/12\nOther Advisory URL: http://www.openwall.com/lists/oss-security/2016/06/16/2\nVendor Specific News/Changelog Entry: https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4\nVendor Specific News/Changelog Entry: https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS\nBugtraq ID: http://www.securityfocus.com/bid/91226\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9947\nVendor Specific News/Changelog Entry: https://security.netapp.com/advisory/ntap-20190404-0004/\nBug Tracker: https://bugs.python.org/issue36276#msg337837\nBug Tracker: https://github.com/urllib3/urllib3/issues/1553\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11236\nBug Tracker: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927172\nBug Tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1692984\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/pull/1531\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/commit/5d523706c7b03f947dc50a7e783758a2bfff0532\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9740\nBug Tracker: https://bugs.python.org/issue36276\nOther Advisory URL: https://github.com/urllib3/urllib3/blob/master/CHANGES.rst\nVendor Specific Solution URL: https://github.com/boto/botocore/pull/1720\nVendor Specific Solution URL: https://github.com/boto/botocore/.commit/009cd449b5b05cc4aa06404b47ecad73c4c407f9\nVendor Specific Solution URL: https://github.com/boto/botocore/commit/009cd449b5b05cc4aa06404b47ecad73c4c407f9\nGeneric Informational URL: https://www.us-cert.gov/ncas/bulletins/SB19-077\nGeneric Informational URL: https://www.us-cert.gov/ncas/bulletins/SB19-084\nGeneric Informational URL: https://www.us-cert.gov/ncas/bulletins/SB19-091\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/pull/1593\nVendor Specific News/Changelog Entry: https://github.com/urllib3/urllib3/releases/tag/1.24.3\nGeneric Informational URL: https://www.us-cert.gov/ncas/bulletins/SB19-112\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/\nBugtraq ID: http://www.securityfocus.com/bid/107466\nVendor Specific Solution URL: https://github.com/boto/botocore/pull/1735\nVendor Specific Advisory URL: https://usn.ubuntu.com/3990-1/\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-1260.html\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20191352-1/\nVendor Specific Advisory URL: https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-ibm-pureapplication-system/\nVendor Specific Advisory URL: https://www-01.ibm.com/support/docview.wss?uid=ibm10885602\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/pull/1591\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/commit/c147f359520cab339ec96b3ef96e471c0da261f6\nVendor Specific Solution URL: https://github.com/urllib3/urllib3/commit/9b76785331243689a9d52cef3db05ef7462cb02d\nVendor Specific Advisory URL: https://security.netapp.com/advisory/ntap-20190619-0005/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html\nVendor Specific News/Changelog Entry: https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-9-release-candidate-1\nVendor Specific News/Changelog Entry: https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-4-release-candidate-1\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20191352-2/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1130840\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1133452\nVendor Specific Advisory URL: https://www.oracle.com/technetwork/topics/security/bulletinjul2019-5600410.html\nVendor Specific Advisory URL: https://usn.ubuntu.com/3990-2/\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-2272.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-2030.html\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2019-2272.html\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2019-2030.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192267-1/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192300-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1129071\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1132663\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192331-1/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192332-1/\nVendor Specific Advisory URL: https://usn.ubuntu.com/4127-1/\nOther Advisory URL: https://usn.ubuntu.com/4127-2/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192370-1/\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192391-1/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192399-1/\nVendor Specific Advisory URL: https://success.alienvault.com/s/question/0D50Z00009XXj9MSAT/alienvault-v575-threat-advisory\nVendor Specific Advisory URL: https://www.cloudfoundry.org/blog/usn-4127-1/\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/536738/DSA-2019-131-Dell-EMC-VNXe3200-Family-Security-Update-for-Multiple-Third-Party-Vulnerabilities#\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/DOC-101224/DSA-2019-036-RSA-Identity-Governance-and-Lifecycle-Security-Update-for-SUSE-Linux-Enterprise-Serv\nMail List Post: https://seclists.org/bugtraq/2019/Oct/29\nVendor Specific News/Changelog Entry: https://raw.githubusercontent.com/python/cpython/c2f86d86e6c8f5fd1ef602128b537a48f3f5c063/Misc/NEWS.d/2.7.17rc1.rst\nOther Advisory URL: http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-20192743-1/\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-18348\nOther Advisory URL: https://bugs.python.org/issue30458#msg347282\nBug Tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1727276\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-3335.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-3590.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-3520.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2019-3725.html\nVendor Specific News/Changelog Entry: https://security.netapp.com/advisory/ntap-20191107-0004/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/\nVendor Specific Advisory URL: https://pivotal.io/security/usn-4127-1\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/1102875\nISS X-Force ID: https://exchange.xforce.ibmcloud.com/vulnerabilities/158830\nVendor Specific Advisory URL: https://pivotal.io/security/usn-3990-1\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2019/11/cert_XRX19-033_FFPSv7-S11_MediaDelivery_Nov2019.pdf\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2019/11/cert_XRX19-034_FFPSv9-S11_MediaDelivery_Nov2019.pdf\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/1115655\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1/\nGeneric Informational URL: https://www.us-cert.gov/ncas/bulletins/SB19301\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/1146574\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/1167106\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20200114-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=985348\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/1167892\nISS X-Force ID: https://exchange.xforce.ibmcloud.com/vulnerabilities/158138\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20200302-1/\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_XRX20-004_FFPSv7-S10_DvdUsb-Bulletin_Feb2020.pdf\nVendor Specific Advisory URL: https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_XRX20-007_FFPSv9-S10_DvdUsb-Bulletin_Feb2020.pdf\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/DOC-110287/DSA-2020-024-RSA-NetWitness-Logs-and-Network-Security-Update-for-Multiple-Third-Party-Component-V#\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/5252181\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/5736825\nISS X-Force ID: https://exchange.xforce.ibmcloud.com/vulnerabilities/169989\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/5693211\nVendor Specific Solution URL: https://security.gentoo.org/glsa/202003-26\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-0851.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-0850.html\nVendor Specific News/Changelog Entry: https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-7-final\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2020-0851.html\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2020-0850.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20200750-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1155094\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-1268.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20200854-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1162224\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1165894\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-1346.html\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6173469\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6173463\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-1462.html\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/542857/DSA-2020-105-Dell-EMC-Avamar-and-NetWorker-Security-Update-for-Multiple-Components\nVendor Specific Advisory URL: https://usn.ubuntu.com/4333-1/\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-1916.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-1605.html\nVendor Specific Advisory URL: https://usn.ubuntu.com/4333-2/\nVendor Specific News/Changelog Entry: https://docs.python.org/release/3.8.3rc1/whatsnew/changelog.html#changelog\nOther Advisory URL: https://hackerone.com/reports/165102\nOther Advisory URL: https://hackerone.com/reports/590020\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6206166\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-2068.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-2081.html\nVendor Specific Advisory URL: https://www.cloudfoundry.org/blog/usn-4333-1/\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2020-2081.html\nVendor Specific Advisory URL: https://linux.oracle.com/errata/ELSA-2020-2068.html\nVendor Specific Advisory URL: https://www.oracle.com/security-alerts/linuxbulletinapr2020.html\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20201339-1/\nMail List Post: http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6217882\nVendor Specific Advisory URL: https://pythoninsider.blogspot.com/2020/06/python-378rc1-and-3611rc1-now-available.html\nVendor Specific Advisory URL: https://www.python.org/downloads/release/python-3611rc1/\nVendor Specific News/Changelog Entry: https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-11-release-candidate-1\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20201524-1/\nVendor Specific News/Changelog Entry: https://docs.python.org/release/3.6.11/whatsnew/changelog.html#changelog\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/544836/DSA-2020-162-Dell-EMC-Cloud-Tiering-Appliance-Security-Update-for-Multiple-Third-Party-Component\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545133/DSA-2020-173-Dell-EMC-Data-Protection-Central-Security-Update-for-Multiple-Third-Party-Component#\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545137/DSA-2020-169-Dell-EMC-Cyber-Recovery-Security-Update-for-Multiple-Third-Party-Component-Vulnerabi#\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545286/DSA-2020-180-Dell-EMC-CloudBoost-Virtual-Appliance-Security-Update-for-Multiple-Third-Party-Compo#\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-3194.html\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545496/DSA-2020-175-VxRail-Appliance-Security-Update-for-Multiple-Third-Party-Component-Vulnerabilities\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545653/DSA-2020-199-Dell-EMC-NetWorker-vProxy-Security-Update-for-SLES-Vulnerabilities\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/545653/DSA-2020-199-Dell-EMC-NetWorker-vProxy-Security-Update-for-Multiple-Vulnerabilities#\nVendor Specific Advisory URL: https://www.oracle.com/security-alerts/bulletinjul2020.html\nOther Advisory URL: https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html\nOther Advisory URL: https://github.com/aliasrobotics/RVD/issues/1493\nVendor Specific News/Changelog Entry: https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-10\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20202699-1/\nVendor Specific Advisory URL: https://www.dell.com/support/security/en-us/details/546585/DSA-2020-223-Dell-EMC-CloudBoost-virtual-appliance-Security-Update-for-Multiple-Third-Party-Compo\nVendor Specific Advisory URL: https://success.alienvault.com/s/question/0D53q0000A4vyOZCQY/alienvault-v585-security-advisory\nVendor Specific Advisory URL: https://success.alienvault.com/sfc/servlet.shepherd/document/download/0693q000008h36kAAA?operationContext=S1\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6342923\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-4285.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-4273.html\nVendor Specific Advisory URL: https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixSUNS\nOther Advisory URL: https://www.oracle.com/security-alerts/cpuoct2020.html\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2020-4298.html\nVendor Specific Advisory URL: https://downloads.avaya.com/css/P8/documents/101072035\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20203624-1/\nVendor Specific Advisory URL: https://www.dell.com/support/kbdoc/en-us/000181249/dsa-2020-273-dell-emc-data-protection-central-security-update-for-multiple-third-party-component-vulnerabilities\nVendor Specific Advisory URL: https://www.dell.com/support/kbdoc/en-us/000181139/dsa-2020-285-dell-emc-powerstore-family-security-update-for-multiple-third-party-component-vulnerabilities\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20203865-1/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2020/suse-su-20203930-1/\nVendor Specific Advisory URL: https://www.dell.com/support/kbdoc/en-us/000182169/dsa-2021-012-dell-emc-secure-remote-services-virtual-edition-security-update-for-multiple-third-party-component-vulnerabilities\nVendor Specific Advisory URL: https://forums.opensuse.org/showthread.php/548656-openSUSE-SU-2020-2333-1-important-Security-update-for-python3\nVendor Specific Advisory URL: https://www.ibm.com/support/pages/node/6408856\nOther Advisory URL: http://www.openwall.com/lists/oss-security/2021/02/04/2\nVendor Specific Advisory URL: https://www.dell.com/support/kbdoc/en-us/000153858/dsa-2020-169-dell-emc-cyber-recovery-security-update-for-multiple-third-party-component-vulnerabilities\n', 'urllib3-1.24.2', '/usr/lib/python3.6/site-packages/urllib3')
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-239-41.el8_3.1', None)
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-libs-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-libs-239-41.el8_3.1', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-daemon-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-daemon-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.1', None)
INFO: ('CVE-2021-23841', 'anchore_cve', 'openssl-libs-1.1.1g-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-23841', 'openssl-libs-1.1.1g-12.el8_3', None)
section_end:1618238630:step_script
section_start:1618238630:upload_artifacts_on_failure
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2698354 responseStatus=201 Created token=pA1bKzQ1
section_end:1618238631:upload_artifacts_on_failure
section_start:1618238631:cleanup_file_variables
Cleaning up file based variables
section_end:1618238631:cleanup_file_variables
ERROR: Job failed: command terminated with exit code 4