Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(amazonlinux): Trivy marks Amazon Linux version as EOL if */system-release file uses 2023.xxx.xxx format #6294

Closed
DmitriyLewen opened this issue Mar 11, 2024 · 2 comments · Fixed by #6295
Closed

bug(amazonlinux): Trivy marks Amazon Linux version as EOL if */system-release file uses 2023.xxx.xxx format #6294

DmitriyLewen opened this issue Mar 11, 2024 · 2 comments · Fixed by #6295
Assignees
@DmitriyLewen
Labels
kind/bug Categorizes issue or PR as related to a bug. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

Comments

@DmitriyLewen
Copy link
Contributor

DmitriyLewen commented Mar 11, 2024
edited
Loading

Description

Trivy marks Amazon Linux version as EOL if */system-release file uses 2023.xxx.xxx format
See example in aquasecurity/trivy-db#390
@DmitriyLewen DmitriyLewen added kind/bug Categorizes issue or PR as related to a bug. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning labels Mar 11, 2024
@DmitriyLewen DmitriyLewen self-assigned this Mar 11, 2024
@DmitriyLewen DmitriyLewen mentioned this issue Mar 11, 2024
Closed
@DmitriyLewen DmitriyLewen changed the title bug(amazonlinux): Trivy doesn't detect AL version if */system-release file uses 2023.xxx.xxx format bug(amazonlinux): Trivy marks Amazon Linux version as EOL if */system-release file uses 2023.xxx.xxx format Mar 11, 2024
@DmitriyLewen DmitriyLewen mentioned this issue Mar 11, 2024
Merged
6 tasks
@Xeroxxx
Copy link

Xeroxxx commented Mar 11, 2024

@DmitriyLewen @knqyf263

Thank you so much for quickly solving this issue! When can we expect the next release of trivy, which will solve the problem with the official trivy Docker images?

@DmitriyLewen
Copy link
Contributor Author

@Xeroxxx https://github.com/aquasecurity/trivy/milestone/32

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DmitriyLewen DmitriyLewen

Labels
kind/bug Categorizes issue or PR as related to a bug. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(amazon): check only major version of AL to find advisories DmitriyLewen/trivy
2 participants
@Xeroxxx @DmitriyLewen