UNCLASSIFIED

Skip to content

GitLab

fix type in python version number

14 jobs for python-update in 11 minutes and 13 seconds (queued for 17 seconds)
bc1a1e7a
1 related merge request: !16 Python update
Status Job ID Name Coverage
  .Pre
passed #2666039
ironbank
load scripts

00:00:07

 
  Preflight
passed #2666040
ironbank
folder structure

00:00:05

passed #2666041
ironbank
hardening_manifest

00:00:10

 
  Lint
passed #2666042
ironbank
wl compare lint

00:00:10

 
  Finding Compare
failed #2666043
ironbank allowed to fail
vat compare

00:00:07

 
  Import Artifacts
passed #2666044
ironbank
import artifacts

00:00:07

 
  Scan Artifacts
passed #2666045
ironbank
clamav scan

00:02:53

 
  Build
passed #2666046
ironbank-isolated
build

00:02:19

 
  Scanning
passed #2666050
ironbank
anchore scan

00:02:11

passed #2666047
ironbank
openscap compliance

00:00:56

passed #2666048
ironbank
openscap cve

00:04:06

passed #2666049
ironbank
twistlock scan

00:00:35

 
  Csv Output
passed #2666051
ironbank
csv output

00:00:55

 
  Check Cves
failed #2666052
ironbank allowed to fail
check cves

00:00:15

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: anchore_cve                   CVE-2020-10878                perl-interpreter-5.26.3-417.el8_3    None                          
ERROR: anchore_cve                   CVE-2020-10543                perl-libs-5.26.3-417.el8_3    None                          
ERROR: anchore_cve                   CVE-2020-10878                perl-libs-5.26.3-417.el8_3    None                          
ERROR: anchore_cve                   CVE-2020-10543                perl-macros-5.26.3-417.el8_3    None                          
ERROR: anchore_cve                   CVE-2020-10878                perl-macros-5.26.3-417.el8_3    None                          
ERROR: twistlock_cve                 CVE-2021-23840                openssl-1.1.1g-15.el8_3       None                          
ERROR: twistlock_cve                 CVE-2021-23841                openssl-1.1.1g-15.el8_3       None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
('CVE-2021-3449', 'anchore_cve', 'python-3.9.2\nVendor Specific News/Changelog Entry: https://downloads.nodesource.com/\nVendor Specific Advisory URL: https://support2.windriver.com/index.php?page=security-notices&on=view&id=7055\nCVE ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3449\nMail List Post: https://mta.openssl.org/pipermail/openssl-announce/2021-March/000196.html\nVendor Specific Advisory URL: https://www.openssl.org/news/secadv/20210325.txt\nVendor Specific Solution URL: https://github.com/openssl/openssl/commit/02b1636fe3db274497304a3e95a4e32ced7e841b\nVendor Specific Solution URL: https://github.com/openssl/openssl/commit/39a140597d874e554b736885ac4dea16ac40a87a\nVendor Specific Advisory URL: https://www.openssl.org/news/vulnerabilities.html\nVendor Specific Solution URL: https://github.com/openssl/openssl/commit/2a40b7bc7b94dd7de897a74571e7024f0cf0d63b\nVendor Specific Advisory URL: https://access.redhat.com/security/cve/cve-2021-3449\nBug Tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1941554\nVendor Specific Advisory URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd\nVendor Specific Advisory URL: https://ubuntu.com/security/notices/USN-4891-1\nVendor Specific Advisory URL: https://www.freebsd.org/security/advisories/FreeBSD-SA-21:07.openssl.asc\nVendor Specific Advisory URL: https://www.debian.org/security/2021/dsa-4875\nOther Advisory URL: https://www.krcert.or.kr/data/secNoticeView.do?bulletin_writing_sequence=35948\nOther Advisory URL: http://jvn.jp/vu/JVNVU92126369/index.html\nVendor Specific Advisory URL: https://forums.opensuse.org/showthread.php/551969-openSUSE-SU-2021-0476-1-important-Security-update-for-openssl-1_1\nVendor Specific Advisory URL: https://security.netapp.com/advisory/ntap-20210326-0006/\nGeneric Exploit URL: https://github.com/terorie/cve-2021-3449\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2021/suse-su-20210954-1/\nVendor Specific Advisory URL: https://www.suse.com/support/update/announcement/2021/suse-su-20210955-1/\nBug Tracker: https://bugzilla.suse.com/show_bug.cgi?id=1183852\nVendor Specific Advisory URL: https://support.f5.com/csp/article/K83623027\nNews Article: https://www.bankinfosecurity.com/openssl-fixes-flaws-that-could-lead-to-server-takedowns-a-16276\nNews Article: https://www.bleepingcomputer.com/news/security/openssl-fixes-severe-dos-certificate-validation-vulnerabilities/\nNews Article: https://arstechnica.com/gadgets/2021/03/openssl-fixes-high-severity-flaw-that-allows-hackers-to-crash-servers/\nVendor Specific Advisory URL: https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc\nVendor Specific Solution URL: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148\nVendor Specific News/Changelog Entry: https://blog.powerdns.com/2021/03/29/third-alpha-release-of-dnsdist-1-6-0/\nVendor Specific News/Changelog Entry: https://dnsdist.org/changelog.html#change-1.6.0-alpha3\nOther Advisory URL: https://matrix.org/blog/2021/03/26/synapse-1-30-1-released/\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2021-1024.html\nVendor Specific Advisory URL: https://networks.unify.com/security/advisories/OBSO-2103-01.pdf\nMail List Post: http://www.openwall.com/lists/oss-security/2021/03/27/1\nMail List Post: http://www.openwall.com/lists/oss-security/2021/03/27/2\nMail List Post: http://www.openwall.com/lists/oss-security/2021/03/28/3\nMail List Post: http://www.openwall.com/lists/oss-security/2021/03/28/4\nVendor Specific Advisory URL: https://news.cpanel.com/easyapache-4-march-31-release/\nVendor Specific Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/\nVendor Specific Advisory URL: https://www.tenable.com/security/tns-2021-06\nVendor Specific Solution URL: https://security.gentoo.org/glsa/202103-03\nVendor Specific News/Changelog Entry: https://www.tenable.com/security/tns-2021-05\nOther Advisory URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/\nVendor Specific News/Changelog Entry: https://pythoninsider.blogspot.com/2021/04/python-393-and-389-are-now-available.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PythonInsider+%28Python+Insider%29\nVendor Specific News/Changelog Entry: https://www.python.org/downloads/release/python-393/\nVendor Specific News/Changelog Entry: https://www.python.org/downloads/release/python-389/\nVendor Specific News/Changelog Entry: https://pythoninsider.blogspot.com/2021/04/python-394-hotfix-is-now-available.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PythonInsider+%28Python+Insider%29\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2021-1063.html\nVendor Specific Advisory URL: https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/\nRedHat RHSA: http://rhn.redhat.com/errata/RHSA-2021-1131.html\nVendor Specific Advisory URL: https://support.broadcom.com/security-advisory/content/security-advisories/OpenSSL-Vulnerabilities-Mar-2021/SYMSA17849\n', 'python-3.9.2', '/usr/local/lib/libpython3.9.so.1.0')
Findings from direct query not in api
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2666043 responseStatus=201 Created token=fMSSsj-k
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED