[Snyk] Security upgrade nginx from 1.19.3-alpine to 1.27.4-alpine #689
Conversation
…ities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE312-CURL-1585256 - https://snyk.io/vuln/SNYK-ALPINE312-CURL-1585256 - https://snyk.io/vuln/SNYK-ALPINE312-FREETYPE-2809179 - https://snyk.io/vuln/SNYK-ALPINE312-OPENSSL-1569452 - https://snyk.io/vuln/SNYK-ALPINE312-ZLIB-2977082
Micro-Learning Topic: Buffer overflow (Detected by phrase)Matched on "Buffer Overflow"A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. Try a challenge in Secure Code WarriorMicro-Learning Topic: Double free (Detected by phrase)Matched on "Double Free"Double free errors occur when free() is called more than once with the same memory address as an argument. Try a challenge in Secure Code Warrior |
Reviewer's Guide by SourceryThis pull request updates the Dockerfile for the nginx proxy to address security vulnerabilities by upgrading the base image from nginx:1.19.3-alpine to nginx:1.27.4-alpine. The change is implemented by directly modifying the FROM line in the Dockerfile. No diagrams generated as the changes look simple and do not need a visual representation. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
We have skipped reviewing this pull request. Here's why:
- It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
- We don't review packaging changes - Let us know if you'd like us to change this.
Insecure Access Control (1)
More info on how to fix Insecure Access Control in Dockerfile. 👉 Go to the dashboard for detailed results. 📥 Happy? Share your feedback with us. |
Micro-Learning Topic: Insufficient access control (Detected by phrase)Matched on "Insecure Access Control"Restrictions on what authenticated users are allowed to do are often not properly enforced. Attackers can exploit these flaws to access unauthorized functionality and/or data, such as access other users' accounts, view sensitive files, modify other users’ data, change access rights, etc. Source: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Try a challenge in Secure Code Warrior |
Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Snyk changed the following file(s):
devenv/docker/blocks/nginx_proxy/DockerfileWe recommend upgrading to
nginx:1.27.4-alpine, as this image has only 2 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Vulnerabilities that will be fixed with an upgrade:
SNYK-ALPINE312-CURL-1585256
SNYK-ALPINE312-CURL-1585256
SNYK-ALPINE312-FREETYPE-2809179
SNYK-ALPINE312-OPENSSL-1569452
SNYK-ALPINE312-ZLIB-2977082
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Double Free
Summary by Sourcery
Upgrade Nginx from 1.19.3-alpine to 1.27.4-alpine to address security vulnerabilities.
Bug Fixes: