librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

ignore CVE-2022-30065 until we have a fix

This commit is contained in:
bunkerity 2022-07-19 12:04:10 +02:00
parent f0ddb8328e
commit 850a8057cf
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
3 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/dev.yml vendored
View File

@ -345,6 +345,7 @@ jobs:
exit-code: 1
ignore-unfixed: false
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
trivyignores: .trivyignore
- name: Check security vulnerabilities for autoconf
uses: aquasecurity/trivy-action@master
with:
@ -354,6 +355,7 @@ jobs:
exit-code: 1
ignore-unfixed: false
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
trivyignores: .trivyignore
- name: Check security vulnerabilities for UI
uses: aquasecurity/trivy-action@master
with:
@ -363,6 +365,7 @@ jobs:
exit-code: 1
ignore-unfixed: false
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
trivyignores: .trivyignore
# Prepare tests
- name: Install tests dependencies

1
.trivyignore Normal file
View File

@ -0,0 +1 @@
CVE-2022-30065

2
autoconf/Dockerfile
View File

@ -48,7 +48,7 @@ RUN apk add --no-cache git && \
ln -s /proc/1/fd/1 /var/log/letsencrypt/letsencrypt.log
# Fix CVEs
RUN apk add "libssl1.1>=1.1.1q-r0" "libcrypto1.1>=1.1.1q-r0" "git>=2.32.3-r0" "ncurses-libs>=6.2_p20210612-r1" "ncurses-terminfo-base>=6.2_p20210612-r1" "busybox>=1.35.0-r17" "ssl_client>=1.35.0-r17"
RUN apk add "libssl1.1>=1.1.1q-r0" "libcrypto1.1>=1.1.1q-r0" "git>=2.32.3-r0" "ncurses-libs>=6.2_p20210612-r1" "ncurses-terminfo-base>=6.2_p20210612-r1"
VOLUME /data /etc/nginx