WIP: Security patches

Francisco Borges Aurindo Barros requested to merge security-check into v9.5-2

Currently the CDD image has the following vulnerabilities reported by grype:

33 critical, 154 high, 311 medium, 7 low, 0 negligible (6 unknown)

The goal of this MR is to reduce the total number of vulnerabilities, as well as to have 0 critical ones.

Current critical list:

curl                   7.83.1-r3         7.83.1-r4         apk     CVE-2022-32221  Critical  
curl                   7.83.1-r3         7.83.1-r6         apk     CVE-2023-23914  Critical  
ghostscript            9.56.1-r0         9.56.1-r1         apk     CVE-2023-28879  Critical  
git                    2.36.3-r0         2.36.4-r0         apk     CVE-2022-23521  Critical  
git                    2.36.3-r0         2.36.4-r0         apk     CVE-2022-41903  Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2014-9826   Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2014-9852   Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2016-10144  Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2016-10145  Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2017-5511   Critical  
imagemagick            7.1.0.50-r0                         apk     CVE-2023-34152  Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2014-9826   Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2014-9852   Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2016-10144  Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2016-10145  Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2017-5511   Critical  
imagemagick-c++        7.1.0.50-r0                         apk     CVE-2023-34152  Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2014-9826   Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2014-9852   Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2016-10144  Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2016-10145  Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2017-5511   Critical  
imagemagick-dev        7.1.0.50-r0                         apk     CVE-2023-34152  Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2014-9826   Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2014-9852   Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2016-10144  Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2016-10145  Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2017-5511   Critical  
imagemagick-libs       7.1.0.50-r0                         apk     CVE-2023-34152  Critical  
libcurl                7.83.1-r3         7.83.1-r4         apk     CVE-2022-32221  Critical  
libcurl                7.83.1-r3         7.83.1-r6         apk     CVE-2023-23914  Critical  
libtasn1               4.18.0-r0         4.18.0-r1         apk     CVE-2021-46848  Critical  
python3                3.10.5-r0         3.10.9-r0         apk     CVE-2022-37454  Critical
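
An added triage example, not part of the merge request or the project's code: it parses rows in the table layout above and splits critical findings into packages that a version bump can clear (with the lowest version covering every listed fix) and packages that have no fixed version. The sample rows are a constructed subset of the list, the function names are hypothetical, and the version ordering is a simplification of apk's rules.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of rows in the column layout shown above
# (name, installed, fixed-in, type, vulnerability, severity).
SAMPLE = """\
curl         7.83.1-r3    7.83.1-r4  apk  CVE-2022-32221  Critical
curl         7.83.1-r3    7.83.1-r6  apk  CVE-2023-23914  Critical
git          2.36.3-r0    2.36.4-r0  apk  CVE-2022-23521  Critical
git          2.36.3-r0    2.36.4-r0  apk  CVE-2022-41903  Critical
imagemagick  7.1.0.50-r0             apk  CVE-2014-9826   Critical
imagemagick  7.1.0.50-r0             apk  CVE-2023-34152  Critical
python3      3.10.5-r0    3.10.9-r0  apk  CVE-2022-37454  Critical
"""

def version_key(version):
    # Assumption: comparing the numeric components is enough for these rows;
    # this is not a full implementation of apk version ordering.
    return tuple(int(n) for n in re.findall(r"\d+", version))

def parse_rows(text):
    """Turn table rows into dicts; a row with 5 fields has an empty fixed-in column."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 6:
            name, installed, fixed, _type, vuln, severity = fields
        elif len(fields) == 5:
            name, installed, _type, vuln, severity = fields
            fixed = None
        else:
            continue  # blank or unrecognised line
        rows.append({"name": name, "installed": installed, "fixed": fixed,
                     "vuln": vuln, "severity": severity})
    return rows

def triage(rows, severity="Critical"):
    """Return (upgrades, unfixed) for findings of the given severity."""
    upgrades, unfixed = {}, defaultdict(list)
    for row in rows:
        if row["severity"] != severity:
            continue
        name, fixed = row["name"], row["fixed"]
        if fixed is None:
            unfixed[name].append(row["vuln"])  # no version bump available
        elif name not in upgrades or version_key(fixed) > version_key(upgrades[name]):
            upgrades[name] = fixed  # keep the highest fix so all CVEs are covered
    return upgrades, {name: sorted(cves) for name, cves in unfixed.items()}

if __name__ == "__main__":
    print(triage(parse_rows(SAMPLE)))
```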
