[Snyk] Security upgrade python from 3.11.8-slim-bookworm to 3.11.9-slim-bookworm #4026
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-SYSTEMD-6277507
- https://snyk.io/vuln/SNYK-DEBIAN12-SYSTEMD-6277507
- https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSL-6048820
- https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSL-6148845
- https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSL-6190223
Deploying windmill with
| Latest commit: | 34241a9 |
| Status: | ✅ Deploy successful! |
| Preview URL: | https://ab4663de.windmill.pages.dev |
| Branch Preview URL: | https://snyk-fix-92d43d0f280d3cb3880.windmill.pages.dev |
👍 Looks good to me! Reviewed everything up to 34241a9 in 22 seconds
More details
- Looked at 13 lines of code in 1 files
- Skipped 0 files when reviewing.
- Skipped posting 1 drafted comments based on config settings.

1. Dockerfile:3
- Draft comment:
The update from Python 3.11.8 to 3.11.9 in the Dockerfile is a minor version update intended to address specific security vulnerabilities. This is a standard practice for maintaining security in dependencies. Ensure that the application's compatibility with the new Python version is tested, especially if Python-specific features or third-party Python packages are heavily used.
- Reason this comment was not posted:
Confidence changes required: 0%
The PR is focused on updating the Python base image from version 3.11.8 to 3.11.9 to address security vulnerabilities. The change is minimal and specific, only altering the version number of the Python image used in the Dockerfile. This is a typical maintenance update to keep the software dependencies up-to-date and secure. The PR description provided by Snyk outlines the vulnerabilities addressed by this update, which are related to the Python image. The Dockerfile itself is complex, involving multiple stages and base images, but the change made here is isolated to the Python image version.
Workflow ID: wflow_BaFWp8eFx4av1ibs
You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
🔍 Vulnerabilities of
| digest | sha256:3cd9142983f92357aa228f9b31be41ec7943158f0898763ece24a7b048c9617e |
| vulnerabilities | |
| size | 871 MB |
| packages | 1377 |
📦 Base Image python:043c23ff9a5da35da7f5490229d65173962308a400a0d0cada66e44bd7b4a5f8
| also known as | |
| digest | sha256:642b83290b5254bbe4bf72ee85b86b3496689d263e237b379039bced52fe358d |
| vulnerabilities | |
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Snyk changed the following file(s):
Dockerfile
We recommend upgrading to python:3.11.9-slim-bookworm, as this image has only 49 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.
Vulnerabilities that will be fixed with an upgrade:
- SNYK-DEBIAN12-SYSTEMD-6277507
- SNYK-DEBIAN12-SYSTEMD-6277507
- SNYK-DEBIAN12-OPENSSL-6048820
- SNYK-DEBIAN12-OPENSSL-6148845
- SNYK-DEBIAN12-OPENSSL-6190223
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Allocation of Resources Without Limits or Throttling
Summary:
Update Dockerfile to use python:3.11.9-slim-bookworm to address security vulnerabilities.
Key points:
- Dockerfile to use python:3.11.9-slim-bookworm instead of python:3.11.8-slim-bookworm.
- systemd and openssl in the previous image version.

Generated with ❤️ by ellipsis.dev