diff --git a/charts/library/common/CHANGELOG.md b/charts/library/common/CHANGELOG.md index a43a162439e..1120fdd66ec 100644 --- a/charts/library/common/CHANGELOG.md +++ b/charts/library/common/CHANGELOG.md @@ -1,6 +1,16 @@ # Changelog
+ +### [common-9.1.0](https://github.com/truecharts/apps/compare/common-9.0.1...common-9.1.0) (2022-03-06) + +#### Feat + +* bump and patch docker-compose disable +* allow shared ip ([#2033](https://github.com/truecharts/apps/issues/2033)) + + + ### [common-9.0.0](https://github.com/truecharts/apps/compare/common-8.17.3...common-9.0.0) (2022-03-03) diff --git a/docs/apps/stable/grist/security.md b/docs/apps/stable/grist/security.md index 156641f8c61..c7bf1dadbe9 100644 --- a/docs/apps/stable/grist/security.md +++ b/docs/apps/stable/grist/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: grist/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'hostpatch' of Deployment 'RELEASE-NAME-grist' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| @@ -52,11 +52,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| @@ -84,11 +84,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| @@ -116,11 +116,11 @@ hide: #### Container: tccr.io/truecharts/grist:v0.7.5@sha256:1167922bec1f019de3cc0463f97f1bd3cad1d104ceee4d31e26d74493d6f79fc (debian 10.11) - + **debian** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apt | CVE-2011-3374 | LOW | 1.8.2.3 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| @@ -261,7 +261,7 @@ hide: **node-pkg** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | ajv | CVE-2020-15366 | MEDIUM | 6.12.2 | 6.12.3 |
Expand...https://github.com/advisories/GHSA-v88g-cgmw-v5xw
https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f
https://github.com/ajv-validator/ajv/releases/tag/v6.12.3
https://github.com/ajv-validator/ajv/tags
https://hackerone.com/bugs?subject=user&report_id=894259
https://linux.oracle.com/cve/CVE-2020-15366.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-15366
https://snyk.io/vuln/SNYK-JS-AJV-584908
| @@ -355,11 +355,10 @@ hide: **python-pkg** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | lxml | CVE-2021-43818 | HIGH | 4.6.3 | 4.6.5 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43818
https://github.com/advisories/GHSA-55x5-fj6c-h6m8
https://github.com/lxml/lxml/blob/lxml-4.6.5/CHANGES.txt
https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a
https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a (lxml-4.6.5)
https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776
https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0
https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0 (lxml-4.6.5)
https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8
https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/
https://nvd.nist.gov/vuln/detail/CVE-2021-43818
https://security.netapp.com/advisory/ntap-20220107-0005/
https://ubuntu.com/security/notices/USN-5225-1
https://www.debian.org/security/2022/dsa-5043
| | pip | CVE-2019-20916 | HIGH | 18.1 | 19.2 |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00010.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20916
https://github.com/advisories/GHSA-gpvv-69j7-gwj8
https://github.com/gzpan123/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
https://github.com/pypa/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace (19.2)
https://github.com/pypa/pip/compare/19.1.1...19.2
https://github.com/pypa/pip/issues/6413
https://linux.oracle.com/cve/CVE-2019-20916.html
https://linux.oracle.com/errata/ELSA-2020-4654.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00010.html
https://nvd.nist.gov/vuln/detail/CVE-2019-20916
https://ubuntu.com/security/notices/USN-4601-1
| | pip | CVE-2021-28363 | MEDIUM | 18.1 | 21.1 |
Expand...https://github.com/advisories/GHSA-5phf-pp7p-vc2r
https://github.com/pypa/advisory-db/tree/main/vulns/urllib3/PYSEC-2021-59.yaml
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15
https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0
https://github.com/urllib3/urllib3/commits/main
https://github.com/urllib3/urllib3/releases/tag/1.26.4
https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28363
https://pypi.org/project/urllib3/1.26.4/
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
| | pip | CVE-2021-3572 | MEDIUM | 18.1 | 21.1 |
Expand...https://access.redhat.com/errata/RHSA-2021:3254
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/issues/10042
https://github.com/pypa/pip/issues/10042#issuecomment-857452480
https://github.com/pypa/pip/pull/9827
https://github.com/skazi0/CVE-2021-3572/blob/master/CVE-2021-3572-v9.0.1.patch
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
| - diff --git a/docs/index.yaml b/docs/index.yaml index f399db93a0d..0298a091242 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -6217,6 +6217,27 @@ entries: - https://github.com/truecharts/apps/releases/download/collabora-online-9.0.20/collabora-online-9.0.20.tgz version: 9.0.20 common: + - apiVersion: v2 + appVersion: latest + created: "2022-03-06T14:25:17.069623893Z" + description: Function library for TrueCharts + digest: e90b9e1e36da0cf064c22b2c4f23b9024fce88b0f526e67768d6eb160003068e + home: https://github.com/truecharts/apps/tree/master/charts/common + icon: https://avatars.githubusercontent.com/u/76400755 + keywords: + - truecharts + - library-chart + - common + kubeVersion: '>=1.16.0-0' + maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org + name: common + type: library + urls: + - https://github.com/truecharts/apps/releases/download/common-9.1.0/common-9.1.0.tgz + version: 9.1.0 - apiVersion: v2 appVersion: latest created: "2022-03-03T14:39:18.98831079Z" @@ -18545,40 +18566,6 @@ entries: - https://github.com/truecharts/apps/releases/download/grav-2.0.21/grav-2.0.21.tgz version: 2.0.21 grist: - - annotations: - truecharts.org/SCALE-support: "true" - truecharts.org/catagories: | - - productivity - truecharts.org/grade: U - apiVersion: v2 - appVersion: 0.7.5 - created: "2022-03-06T14:10:29.046558196Z" - dependencies: - - name: common - repository: https://truecharts.org - version: 9.0.0 - description: Grist is a modern relational spreadsheet. It combine the flexibility - of a spreadsheet with the robustness of a database to organize your data. - digest: 7358d49165298aded3a04dc2d55e48c040dab85f48a745fc76ae1d21c6c751dc - home: https://github.com/truecharts/apps/tree/master/charts/stable/grist - icon: https://truecharts.org/_static/img/appicons/grist-icon.png - keywords: - - grist - - spreadsheet - - database - kubeVersion: '>=1.16.0-0' - maintainers: - - email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org - name: grist - sources: - - https://hub.docker.com/r/gristlabs/grist - - https://github.com/gristlabs/grist-core - - https://support.getgrist.com/ - urls: - - https://github.com/truecharts/apps/releases/download/grist-1.0.3/grist-1.0.3.tgz - version: 1.0.3 - annotations: truecharts.org/SCALE-support: "true" truecharts.org/catagories: | @@ -67968,4 +67955,4 @@ entries: urls: - https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.24/zwavejs2mqtt-9.0.24.tgz version: 9.0.24 -generated: "2022-03-06T14:10:29.052776345Z" +generated: "2022-03-06T14:25:17.075153837Z"