Description of problem: We had customer issue which pointed out that our images have vulnerabilities. Customer Case : https://access.redhat.com/support/cases/#/case/02771740 How reproducible: Customer used jFrog xray tool to scan
Verified
- Pulled the maven agent from 4.7.0-0.nightly-2020-10-15-111254 and it works well and doesnt seems to e breaking anything - used jenkins-agent-maven- quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2e7d39c86252a3edcca9aaed3871d18fb6f7030054e555a1b16524e245eae487 - Installed Quay Container Security to check for any vulnerabilities but it doesnt show any.
*** Bug 1888650 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633