diff --git a/charts/incubator/cups-server/CHANGELOG.md b/charts/incubator/cups-server/CHANGELOG.md index db47f3cac61..1331eb025c0 100644 --- a/charts/incubator/cups-server/CHANGELOG.md +++ b/charts/incubator/cups-server/CHANGELOG.md @@ -7,4 +7,3 @@ #### Feat * add cups-server ([#2614](https://github.com/truecharts/apps/issues/2614)) - diff --git a/charts/incubator/cups-server/security.md b/charts/incubator/cups-server/security.md index ba6a175ee59..6fc944d08c4 100644 --- a/charts/incubator/cups-server/security.md +++ b/charts/incubator/cups-server/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: cups-server/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'hostpatch' of Deployment 'RELEASE-NAME-cups-server' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| @@ -52,11 +52,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| @@ -73,11 +73,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| @@ -94,11 +94,11 @@ hide: #### Container: ydkn/cups:latest@sha256:d84f17af1e712413903d9035eda2c4bbbe9431d86712b7924efbe467be9be764 (debian 10.12) - + **debian** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apt | CVE-2011-3374 | LOW | 1.8.2.3 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| @@ -622,4 +622,3 @@ hide: | wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-31879
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://nvd.nist.gov/vuln/detail/CVE-2021-31879
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/
| | xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2 | |
Expand...https://access.redhat.com/errata/RHSA-2018:0842
https://access.redhat.com/security/cve/CVE-2017-15131
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | xterm | CVE-2006-4447 | LOW | 344-1+deb10u2 | |
Expand...http://lists.freedesktop.org/archives/xorg/2006-June/016146.html
http://mail.gnome.org/archives/beast/2006-December/msg00025.html
http://secunia.com/advisories/21650
http://secunia.com/advisories/21660
http://secunia.com/advisories/21693
http://secunia.com/advisories/22332
http://secunia.com/advisories/25032
http://secunia.com/advisories/25059
http://security.gentoo.org/glsa/glsa-200608-25.xml
http://security.gentoo.org/glsa/glsa-200704-22.xml
http://www.debian.org/security/2006/dsa-1193
http://www.kb.cert.org/vuls/id/300368
http://www.mandriva.com/security/advisories?name=MDKSA-2006:160
http://www.securityfocus.com/bid/19742
http://www.securityfocus.com/bid/23697
http://www.vupen.com/english/advisories/2006/3409
http://www.vupen.com/english/advisories/2007/0409
| - diff --git a/charts/stable/tdarr-node/CHANGELOG.md b/charts/stable/tdarr-node/CHANGELOG.md index 35a3138047e..82858014487 100644 --- a/charts/stable/tdarr-node/CHANGELOG.md +++ b/charts/stable/tdarr-node/CHANGELOG.md @@ -1,6 +1,11 @@ # Changelog
+ +### [tdarr-node-1.0.0](https://github.com/truecharts/apps/compare/tdarr-node-3.0.0...tdarr-node-1.0.0) (2022-05-05) + + + ### [tdarr-node-3.0.0](https://github.com/truecharts/apps/compare/tdarr-node-2.0.15...tdarr-node-3.0.0) (2022-05-05) diff --git a/charts/stable/tdarr/CHANGELOG.md b/charts/stable/tdarr/CHANGELOG.md index 9241232dec6..238ff844569 100644 --- a/charts/stable/tdarr/CHANGELOG.md +++ b/charts/stable/tdarr/CHANGELOG.md @@ -1,6 +1,11 @@ # Changelog
+ +### [tdarr-1.0.0](https://github.com/truecharts/apps/compare/tdarr-3.0.0...tdarr-1.0.0) (2022-05-05) + + + ### [tdarr-3.0.0](https://github.com/truecharts/apps/compare/tdarr-2.0.15...tdarr-3.0.0) (2022-05-05)