Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding VersionStream for gitlab-cng-17.8 #39814

Merged
merged 5 commits into from
Jan 17, 2025

also drop x/net

eb82dcc
Select commit
Loading
Failed to load commit list.
Merged

Adding VersionStream for gitlab-cng-17.8 #39814

also drop x/net
eb82dcc
Select commit
Loading
Failed to load commit list.
Octo STS / ci-cve-scan failed Jan 17, 2025 in 0s

CVE scan report

CVE scan report

Details

aarch64/gitaly-config-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-base-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-certificates-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-cfssl-self-sign-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-cng-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-container-registry-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-container-registry-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-container-registry-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-elasticsearch-indexer-17.8-17.8.0-r0.apk

└── 📄 /usr/bin/gitlab-elasticsearch-indexer
        📦 golang.org/x/net v0.30.0 (go-module)
            High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0

aarch64/gitlab-elasticsearch-indexer-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-exporter-17.8-17.8.0-r0.apk

├── 📄 /usr/lib/ruby/gems/3.2.0/specifications/puma-5.6.8.gemspec
│       📦 puma 5.6.8 (gem)
│           Medium CVE-2024-45614 GHSA-9hf4-67fc-4vf4 fixed in 5.6.9
└── 📄 /usr/lib/ruby/gems/3.2.0/specifications/sinatra-2.2.4.gemspec
        📦 sinatra 2.2.4 (gem)
            Medium CVE-2024-21510 GHSA-hxx2-7vcw-mqr3 fixed in 4.1.0

aarch64/gitlab-exporter-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-geo-logcursor-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-gitaly-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-logger-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-logger-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-mailroom-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-mailroom-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-pages-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-rails-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-shell-17.8-17.8.0-r0.apk

├── 📄 /srv/gitlab-shell/bin/gitlab-shell
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-authorized-keys-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-authorized-principals-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
└── 📄 /srv/gitlab-shell/bin/gitlab-sshd
        📦 golang.org/x/crypto v0.26.0 (go-module)
            Critical CVE-2024-45337 GHSA-v778-237x-gjrc fixed in 0.31.0
        📦 golang.org/x/net v0.26.0 (go-module)
            High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0

aarch64/gitlab-shell-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-shell-scripts-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-sidekiq-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-toolbox-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-webservice-config-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-webservice-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

aarch64/gitlab-workhorse-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitaly-config-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-base-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-certificates-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-cfssl-self-sign-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-cng-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-container-registry-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-container-registry-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-container-registry-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-elasticsearch-indexer-17.8-17.8.0-r0.apk

└── 📄 /usr/bin/gitlab-elasticsearch-indexer
        📦 golang.org/x/net v0.30.0 (go-module)
            High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0

x86_64/gitlab-elasticsearch-indexer-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-exporter-17.8-17.8.0-r0.apk

├── 📄 /usr/lib/ruby/gems/3.2.0/specifications/puma-5.6.8.gemspec
│       📦 puma 5.6.8 (gem)
│           Medium CVE-2024-45614 GHSA-9hf4-67fc-4vf4 fixed in 5.6.9
└── 📄 /usr/lib/ruby/gems/3.2.0/specifications/sinatra-2.2.4.gemspec
        📦 sinatra 2.2.4 (gem)
            Medium CVE-2024-21510 GHSA-hxx2-7vcw-mqr3 fixed in 4.1.0

x86_64/gitlab-exporter-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-geo-logcursor-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-gitaly-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-logger-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-logger-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-mailroom-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-mailroom-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-pages-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-rails-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-shell-17.8-17.8.0-r0.apk

├── 📄 /srv/gitlab-shell/bin/gitlab-shell
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-authorized-keys-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-authorized-principals-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
├── 📄 /srv/gitlab-shell/bin/gitlab-shell-check
│       📦 golang.org/x/net v0.26.0 (go-module)
│           High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0
└── 📄 /srv/gitlab-shell/bin/gitlab-sshd
        📦 golang.org/x/crypto v0.26.0 (go-module)
            Critical CVE-2024-45337 GHSA-v778-237x-gjrc fixed in 0.31.0
        📦 golang.org/x/net v0.26.0 (go-module)
            High CVE-2024-45338 GHSA-w32m-9786-jp63 fixed in 0.33.0

x86_64/gitlab-shell-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-shell-scripts-compat-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-sidekiq-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-toolbox-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-webservice-config-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-webservice-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found

x86_64/gitlab-workhorse-scripts-17.8-17.8.0-r0.apk

✅ No vulnerabilities found
View more details on Octo STS