Bug 2107495 - openshift4/ose-operator-registry:4.10.0 having security vulnerabilities
Summary: openshift4/ose-operator-registry:4.10.0 having security vulnerabilities
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: OLM
Version: 4.10
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.10.z
Assignee: Luke Meyer
QA Contact: Jian Zhang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-07-15 08:40 UTC by Ashwini M. Khaire
Modified: 2023-09-18 04:42 UTC (History)
2 users (show)

Fixed In Version: ose-cluster-image-registry-operator-container-v4.7.0-202207192115.p0.g70a8588.assembly.stream
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-08-09 02:36:15 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5875 0 None None None 2022-08-09 02:37:05 UTC

Description Ashwini M. Khaire 2022-07-15 08:40:43 UTC
Description of problem:

CU ran scans against the image `openshift4/ose-operator-registry i.e. v4.10.0-202206300918.p0.gffc9cbc.assembly.stream`. The `go` version is `1.17.5` and vulnerabilities are still there.

Version-Release number of selected component (if applicable):
openshift4/ose-operator-registry:4.10.0
go package version 1.17.5

Attaching the security scan report in the comment section.

Comment 15 errata-xmlrpc 2022-08-09 02:36:15 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.26 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5875

Comment 16 Red Hat Bugzilla 2023-09-18 04:42:02 UTC
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days


Note You need to log in before you can comment on or make changes to this bug.