Etcd fails Clair scan for high risk vulnerabilities #559

Closed
eak13 opened this issue Jun 3, 2021 · 3 comments
Labels
6-upstream/images For upstream issues related to quay, docker, images, etc. bug Something isn't working size s

eak13 commented Jun 3, 2021

Describe the bug
Clair scans have identified several high risk vulnerabilities in Etcd. See attached for details.
This is a tracking issue to ensure that the images used by Airshipctl are updated once the vulnerabilities have been resolved.

The version of etcd which was evaluated is v3.4.3. The etcd version is determined based on Kubernetes/kubeadm versions.

Steps To Reproduce
Run Clair scan against the images.

Expected behavior
No high risk security vulnerabilities are found.
etcd-4198ba6-2021-05-31_15-52-04.txt

@eak13 eak13 added bug Something isn't working triage Needs evaluation by project members labels Jun 3, 2021
@jezogwza jezogwza added 6-upstream/images For upstream issues related to quay, docker, images, etc. and removed triage Needs evaluation by project members labels Jun 9, 2021
@jezogwza jezogwza added this to the v2.2 milestone Jun 9, 2021

sshiba commented Jul 1, 2021

Hi Andrew, can you assign this issue to me? Thanks


sshiba commented Jul 1, 2021

Here is what I found for Kubernetes v1.20 for etcd:

COMPONENT                 CURRENT    AVAILABLE
kube-apiserver            v1.19.6    v1.20.1
kube-controller-manager   v1.19.6    v1.20.1
kube-scheduler            v1.19.6    v1.20.1
kube-proxy                v1.19.6    v1.20.1
CoreDNS                   1.7.0      1.7.0
etcd                      3.4.13-0   3.4.13-0

Ran Clair in a Jenkins job (etcd:3.4.13-0) and it passed (https://jenkins-nc.wnv2b.cci.att.com/job/images/job/open-images/1401/console).

What should be the next step? Provide recommendations for Kubernetes v1.20.x?


eak13 commented Oct 25, 2021

We are upgrading K8s, so accepting this

@eak13 eak13 closed this as completed Oct 25, 2021