fix: [Snyk] Security upgrade ubuntu from 22.04 to kinetic (!141) · Merge requests · OSDU Software / OSDU Data Platform / Domain Data Management Services / Reservoir / Open ETP Server

Fabien Bosquet requested to merge bosquet/security_upgrade_ubuntu into main May 03, 2023

Type of change

Bug Fix
Feature

Does this introduce a change in the core logic?

[Yes]

Does this introduce a change in the cloud provider implementation, if so which cloud?

AWS
Azure
GCP
IBM

Updates description?

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. We recommend upgrading to ubuntu:kinetic, as this image has only 7 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Priority Score / 1000	Issue	Exploit Maturity
150	Out-of-bounds Write SNYK-UBUNTU2204-BASH-3098342	No Known Exploit
150	Improper Certificate Validation SNYK-UBUNTU2204-OPENSSL-5296052	No Known Exploit
150	Improper Certificate Validation SNYK-UBUNTU2204-OPENSSL-5296082	No Known Exploit
221	CVE-2023-29383 SNYK-UBUNTU2204-SHADOW-5425688	No Known Exploit
221	CVE-2023-29383 SNYK-UBUNTU2204-SHADOW-5425688	No Known Exploit

Edited May 03, 2023 by Fabien Bosquet

fix: [Snyk] Security upgrade ubuntu from 22.04 to kinetic

Type of change

Does this introduce a change in the core logic?

Does this introduce a change in the cloud provider implementation, if so which cloud?

Updates description?

Merge request reports