fix(security): vulnerabilities found in fabric-all-in-one #2121

Merged

zondervancalvez
Contributor

Fixes #2056

@zondervancalvez zondervancalvez marked this pull request as ready for review July 20, 2022 05:29
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Jul 20, 2022
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
@jagpreetsinghsasan
Contributor

Thanks for the contribution. This looks more likely a nice to have sort of thing, rather than a vulnerability fix as we don't call the AIO images as production ready, those are just for testing purposes. But yes, still the base image change is a good update.

@zondervancalvez zondervancalvez force-pushed the zondervancalvez/issue2056 branch 3 times, most recently from 764397e to 984b106 Compare July 20, 2022 07:30
Contributor

@petermetz petermetz left a comment

@zondervancalvez LGTM, thank you!

@petermetz petermetz force-pushed the zondervancalvez/issue2056 branch 2 times, most recently from 09d7c73 to e9ae7a2 Compare July 23, 2022 02:46
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Jul 27, 2022
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
@zondervancalvez
Contributor Author

@izuru0 @sanvenDev following up for your review. Thank you.

Contributor

@petermetz petermetz left a comment

@zondervancalvez Please fix the DCO

@zondervancalvez zondervancalvez force-pushed the zondervancalvez/issue2056 branch 2 times, most recently from afdbc08 to b0e59f7 Compare September 1, 2022 06:05
@zondervancalvez
Contributor Author

@petermetz DCO is now fixed

zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Jul 27, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 3, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 7, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 8, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 9, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 15, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 16, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 21, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 23, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 30, 2023
Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Aug 30, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez added a commit to zondervancalvez/cactus that referenced this pull request Sep 7, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
petermetz pushed a commit to zondervancalvez/cactus that referenced this pull request Sep 7, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
petermetz pushed a commit that referenced this pull request Sep 7, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes #1876

Depends On: #2121
Depends On: #2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto pushed a commit to adrianbatuto/cacti that referenced this pull request Sep 8, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto added a commit to adrianbatuto/cacti that referenced this pull request Sep 8, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto pushed a commit to adrianbatuto/cacti that referenced this pull request Sep 20, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
sandeepnRES pushed a commit to sandeepnRES/cacti that referenced this pull request Dec 21, 2023
Trivy is a cutting-edge security tool designed to enhance
the safety of containerized applications by conducting thorough
vulnerability assessments. Specifically developed for scanning
container images, ranging from low-severity issues to critical
threats. It employs an intelligent rating system to categorize
vulnerabilities based on their severity levels, ensuring that
high to critical vulnerabilities are given special attention.
Upon detecting vulnerabilities that fall within this elevated
range, Trivy will throw an error.

By integrating Trivy into our deployment pipeline, we can
proactively mitigate security risks and enhance the resilience
of our repository.

Fixes hyperledger-cacti#1876

Depends On: hyperledger-cacti#2121
Depends On: hyperledger-cacti#2135

Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>