Skip to content

Commit

Permalink
docs: VHD release notes for 202308.16.0 (#3544)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ganeshkumarashok
ganeshkumarashok authored Aug 18, 2023
1 parent 38db64d commit cfcdd29
Show file tree
Hide file tree
Showing 168 changed files with 146,169 additions and 2,220 deletions.
808 changes: 808 additions & 0 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/202308.16.0-image-list.json
View file

Large diffs are not rendered by default.

1,628 changes: 1,628 additions & 0 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/202308.16.0-trivy-images-table.txt
View file

Large diffs are not rendered by default.

2,407 changes: 2,407 additions & 0 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/202308.16.0-trivy-report.json
View file

Large diffs are not rendered by default.

467 changes: 467 additions & 0 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/202308.16.0.txt
View file

Large diffs are not rendered by default.

38 changes: 28 additions & 10 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/latest-image-list.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"sku": "V1",
"imageVersion": "202308.10.0",
"imageVersion": "202308.16.0",
"imageBom": [
{
"id": "sha256:059484fa426da9daa08645d2746974cfe3379e3bbb0723a47d17195fac09e1ce",
Expand Down Expand Up @@ -74,15 +74,6 @@
"sha256:0627489ae5258a22f60004cd6d38adb57237628ade195420c52d9c4342373416"
]
},
{
"id": "sha256:2344f81e67ed16789b737ecd9370450bae26c30ff14f5581a377db486682b0de",
"repoTags": [
"mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.3"
],
"repoDigests": [
"sha256:440ebccd0ec6305aa16dfdf1344b47873e3ad7f4536c4ccfa2f11661ddcb5aa8"
]
},
{
"id": "sha256:2b4b1c4b345674fabb11873753893dd1df0c51af972d52ba1f9a2e901482bf33",
"repoTags": [
Expand Down Expand Up @@ -137,6 +128,15 @@
"sha256:781a52c707944c8b062321ee60f737857e68165087beda5eeb17a45cd115963b"
]
},
{
"id": "sha256:3ec3f0197a486936a5a6a0c2319c1fb5d284557144399f685131b5043833f4ea",
"repoTags": [
"mcr.microsoft.com/oss/open-policy-agent/gatekeeper:v3.13.0"
],
"repoDigests": [
"sha256:af83c896c3071b0ae4a2c201721ef32d64fe42cddf2e3bd05dfaa2fea9ad15f3"
]
},
{
"id": "sha256:415688a2a94d2164260d59d3d1973313e1daf7c245998a5742c0f117255403c3",
"repoTags": [
Expand Down Expand Up @@ -191,6 +191,15 @@
"sha256:6fee210e78756207a3a32c105847c4a27fd02bcb3a458f99716484735a1b9831"
]
},
{
"id": "sha256:650c9bc1594cc2118ec7911f2b3d1df9710917432fae40b4f8b74aa63587d091",
"repoTags": [
"mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.5"
],
"repoDigests": [
"sha256:d7b6fc05b82969de106eafea8ebab5d78d9470867a695685c16c408135a426c6"
]
},
{
"id": "sha256:65b2c7659eb2cfe8026f95e96ffd4a9baae79e45e8e39dcaa618bced2c09f8b6",
"repoTags": [
Expand Down Expand Up @@ -371,6 +380,15 @@
"sha256:5735db598627ca42f47d060f59c21f3f72d17f0342da0097414b8b5dbdb6f492"
]
},
{
"id": "sha256:8989efdd57edb4b573ff73fa95a8a3808418532e5875fd64435b94634fd55a20",
"repoTags": [
"mcr.microsoft.com/azuremonitor/containerinsights/ciprod/prometheus-collector/images:6.7.4-main-08-11-2023-6de2ec55"
],
"repoDigests": [
"sha256:47a8284195c883f3eef6b555661f95c1ce7c4286fb83eb4eea1f5f86e5c9b047"
]
},
{
"id": "sha256:8b867be8be312c220a132b3448309f5e22f0eaa8b8a8af5d526563542f7da69b",
"repoTags": [
Expand Down
65 changes: 63 additions & 2 deletions vhdbuilder/release-notes/AKSCBLMariner/gen1/latest-trivy-images-table.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,62 @@ mcr.microsoft.com/azuremonitor/containerinsights/ciprod/prometheus-collector/ima
Total: 0 (HIGH: 0, CRITICAL: 0)


opt/microsoft/otelcollector/otelcollector (gobinary)
====================================================
Total: 2 (HIGH: 2, CRITICAL: 0)

┌────────────────────────────────┬────────────────┬──────────┬──────────────────────┬──────────────────┬──────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├────────────────────────────────┼────────────────┼──────────┼──────────────────────┼──────────────────┼──────────────────────────────────────────────────┤
│ github.com/docker/distribution │ CVE-2023-2253 │ HIGH │ v2.8.1+incompatible │ 2.8.2-beta.1 │ DoS from malicious API request │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-2253 │
├────────────────────────────────┼────────────────┤ ├──────────────────────┼──────────────────┼──────────────────────────────────────────────────┤
│ github.com/docker/docker │ CVE-2023-28840 │ │ v23.0.1+incompatible │ 23.0.3, 20.10.24 │ Encrypted overlay network may be unauthenticated │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-28840 │
└────────────────────────────────┴────────────────┴──────────┴──────────────────────┴──────────────────┴──────────────────────────────────────────────────┘

opt/promconfigvalidator (gobinary)
==================================
Total: 2 (HIGH: 2, CRITICAL: 0)

┌────────────────────────────────┬────────────────┬──────────┬──────────────────────┬──────────────────┬──────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├────────────────────────────────┼────────────────┼──────────┼──────────────────────┼──────────────────┼──────────────────────────────────────────────────┤
│ github.com/docker/distribution │ CVE-2023-2253 │ HIGH │ v2.8.1+incompatible │ 2.8.2-beta.1 │ DoS from malicious API request │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-2253 │
├────────────────────────────────┼────────────────┤ ├──────────────────────┼──────────────────┼──────────────────────────────────────────────────┤
│ github.com/docker/docker │ CVE-2023-28840 │ │ v23.0.1+incompatible │ 23.0.3, 20.10.24 │ Encrypted overlay network may be unauthenticated │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-28840 │
└────────────────────────────────┴────────────────┴──────────┴──────────────────────┴──────────────────┴──────────────────────────────────────────────────┘

usr/bin/telegraf (gobinary)
===========================
Total: 5 (HIGH: 5, CRITICAL: 0)

┌────────────────────────────────────┬────────────────┬──────────┬────────────────────────┬──────────────────┬────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├────────────────────────────────────┼────────────────┼──────────┼────────────────────────┼──────────────────┼────────────────────────────────────────────────────────────┤
│ github.com/docker/distribution │ CVE-2023-2253 │ HIGH │ v2.8.1+incompatible │ 2.8.2-beta.1 │ DoS from malicious API request │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-2253 │
├────────────────────────────────────┼────────────────┤ ├────────────────────────┼──────────────────┼────────────────────────────────────────────────────────────┤
│ github.com/docker/docker │ CVE-2023-28840 │ │ v20.10.17+incompatible │ 23.0.3, 20.10.24 │ Encrypted overlay network may be unauthenticated │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-28840 │
├────────────────────────────────────┼────────────────┤ ├────────────────────────┼──────────────────┼────────────────────────────────────────────────────────────┤
│ github.com/opencontainers/runc │ CVE-2023-27561 │ │ v1.1.3 │ 1.1.5 │ volume mount race condition (regression of CVE-2019-19921) │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-27561 │
├────────────────────────────────────┼────────────────┤ ├────────────────────────┼──────────────────┼────────────────────────────────────────────────────────────┤
│ github.com/snowflakedb/gosnowflake │ CVE-2023-34231 │ │ v1.6.13 │ 1.6.19 │ Snowflake Golang Driver vulnerable to Command Injection │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-34231 │
├────────────────────────────────────┼────────────────┤ ├────────────────────────┼──────────────────┼────────────────────────────────────────────────────────────┤
│ golang.org/x/net │ CVE-2022-41723 │ │ v0.5.0 │ 0.7.0 │ avoid quadratic complexity in HPACK decoding │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-41723 │
└────────────────────────────────────┴────────────────┴──────────┴────────────────────────┴──────────────────┴────────────────────────────────────────────────────────────┘

mcr.microsoft.com/azuremonitor/containerinsights/ciprod/prometheus-collector/images:6.7.4-main-08-11-2023-6de2ec55 (cbl-mariner 2.0.20230805)
=============================================================================================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)


opt/microsoft/otelcollector/otelcollector (gobinary)
====================================================
Total: 2 (HIGH: 2, CRITICAL: 0)
Expand Down Expand Up @@ -477,12 +533,12 @@ mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:v1.28.2 (alpine 3.15.1)
Total: 0 (HIGH: 0, CRITICAL: 0)


mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.3 (alpine 3.15.1)
mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.4 (alpine 3.15.1)
==========================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)


mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.4 (alpine 3.15.1)
mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.24.5 (alpine 3.15.1)
==========================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)

Expand Down Expand Up @@ -1546,6 +1602,11 @@ mcr.microsoft.com/oss/open-policy-agent/gatekeeper:v3.11.1 (debian 11.6)
Total: 0 (HIGH: 0, CRITICAL: 0)


mcr.microsoft.com/oss/open-policy-agent/gatekeeper:v3.13.0 (debian 11.7)
========================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)


usr/local/bin/operator (gobinary)
=================================
Total: 4 (HIGH: 4, CRITICAL: 0)
Expand Down
Loading

0 comments on commit cfcdd29

Please sign in to comment.