From 28c1f5771b7086689b75a094425ded06c2a49a3d Mon Sep 17 00:00:00 2001 From: truecharts-bot Date: Wed, 29 Jun 2022 20:11:02 +0000 Subject: [PATCH] chore: Auto-update chart README [skip ci] --- charts/incubator/wg-easy/CHANGELOG.md | 1 - charts/incubator/wg-easy/security.md | 17 ++++++++--------- charts/incubator/wger/CHANGELOG.md | 10 ++++++++++ charts/incubator/wger/security.md | 4 ++-- charts/stable/emulatorjs/CHANGELOG.md | 9 +++++++++ charts/stable/emulatorjs/security.md | 2 +- 6 files changed, 30 insertions(+), 13 deletions(-) diff --git a/charts/incubator/wg-easy/CHANGELOG.md b/charts/incubator/wg-easy/CHANGELOG.md index 187e5c9e96a..21728bf4ae5 100644 --- a/charts/incubator/wg-easy/CHANGELOG.md +++ b/charts/incubator/wg-easy/CHANGELOG.md @@ -7,4 +7,3 @@ #### Feat * Add WG-Easy Chart ([#2982](https://github.com/truecharts/apps/issues/2982)) - diff --git a/charts/incubator/wg-easy/security.md b/charts/incubator/wg-easy/security.md index 6fa27d9c751..057b01d07eb 100644 --- a/charts/incubator/wg-easy/security.md +++ b/charts/incubator/wg-easy/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: wg-easy/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'RELEASE-NAME-wg-easy' of Deployment 'RELEASE-NAME-wg-easy' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
| @@ -49,23 +49,23 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0) - + **alpine** - + | No Vulnerabilities found | |:---------------------------------| - + #### Container: weejewel/wg-easy:latest@sha256:fb997c869e6117e05102c38e8ea52788f7fc29f11c7e7b81cf9ed7d4504c9ac0 (alpine 3.11.12) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| @@ -91,7 +91,7 @@ hide: **node-pkg** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3807
https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
https://github.com/advisories/GHSA-93q8-gq69-wqmw
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
https://github.com/chalk/ansi-regex/releases/tag/v6.0.1
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://linux.oracle.com/cve/CVE-2021-3807.html
https://linux.oracle.com/errata/ELSA-2022-0350.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
https://www.oracle.com/security-alerts/cpuapr2022.html
| @@ -100,4 +100,3 @@ hide: | got | CVE-2022-33987 | MEDIUM | 9.6.0 | 11.8.5, 12.1.0 |
Expand...https://github.com/advisories/GHSA-pfrx-2q88-qq97
https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
https://github.com/sindresorhus/got/pull/2047
https://github.com/sindresorhus/got/releases/tag/v11.8.5
https://github.com/sindresorhus/got/releases/tag/v12.1.0
https://nvd.nist.gov/vuln/detail/CVE-2022-33987
| | json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3918
https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://linux.oracle.com/cve/CVE-2021-3918.html
https://linux.oracle.com/errata/ELSA-2022-0350.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3918
| | minimist | CVE-2021-44906 | CRITICAL | 1.2.5 | 1.2.6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-44906
https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
https://github.com/advisories/GHSA-xvch-5gv4-984h
https://github.com/substack/minimist/blob/master/index.js#L69
https://github.com/substack/minimist/issues/164
https://nvd.nist.gov/vuln/detail/CVE-2021-44906
https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
| - diff --git a/charts/incubator/wger/CHANGELOG.md b/charts/incubator/wger/CHANGELOG.md index 8b2bd087c89..ac21181b859 100644 --- a/charts/incubator/wger/CHANGELOG.md +++ b/charts/incubator/wger/CHANGELOG.md @@ -1,6 +1,16 @@ # Changelog
+ +### [wger-0.0.6](https://github.com/truecharts/apps/compare/wger-0.0.5...wger-0.0.6) (2022-06-29) + +#### Chore + +* update docker general non-major ([#3002](https://github.com/truecharts/apps/issues/3002)) +* add ingress on webui aswell ([#3013](https://github.com/truecharts/apps/issues/3013)) + + + ### [wger-0.0.5](https://github.com/truecharts/apps/compare/wger-0.0.4...wger-0.0.5) (2022-06-29) diff --git a/charts/incubator/wger/security.md b/charts/incubator/wger/security.md index 6e478878bce..43219504395 100644 --- a/charts/incubator/wger/security.md +++ b/charts/incubator/wger/security.md @@ -110,7 +110,7 @@ hide: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 tccr.io/truecharts/postgresql:v14.4.0@sha256:569f358a5e8fa89564c68625fedc5d9b60580bac3a2e49169faeba23429e55ea tccr.io/truecharts/redis:v7.0.2@sha256:f8d1ed698dc62989cb821727b0d56ff268825714002f4b9715026d1916dfbc69 - wger/server:latest@sha256:78fea660278d316a6a4235c1179a2355370aa1ce80d1ed3e346fbe37420a0b11 + wger/server:latest@sha256:a9dc8d9975760b6ff6d0af36b9e301946e5ec0d94b93ca037077061da41ee4ad - 'tccr.io/truecharts/nginx:v1.23.0@sha256:f4f43b06452c23534106d5dcebdff45fc7737ad360c6b84dda801d55d25548ea' tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 tccr.io/truecharts/postgresql:v14.4.0@sha256:9f88fe352b51208f9a8fa01a95c07a74751e72629d009230cfe18a427e30550c @@ -439,7 +439,7 @@ hide: -#### Container: wger/server:latest@sha256:78fea660278d316a6a4235c1179a2355370aa1ce80d1ed3e346fbe37420a0b11 (ubuntu 22.04) +#### Container: wger/server:latest@sha256:a9dc8d9975760b6ff6d0af36b9e301946e5ec0d94b93ca037077061da41ee4ad (ubuntu 22.04) **ubuntu** diff --git a/charts/stable/emulatorjs/CHANGELOG.md b/charts/stable/emulatorjs/CHANGELOG.md index 5cc63d37008..d9f8f3f0c4a 100644 --- a/charts/stable/emulatorjs/CHANGELOG.md +++ b/charts/stable/emulatorjs/CHANGELOG.md @@ -1,6 +1,15 @@ # Changelog
+ +### [emulatorjs-2.0.9](https://github.com/truecharts/apps/compare/emulatorjs-2.0.8...emulatorjs-2.0.9) (2022-06-29) + +#### Chore + +* add ingress on webui aswell ([#3013](https://github.com/truecharts/apps/issues/3013)) + + + ### [emulatorjs-2.0.8](https://github.com/truecharts/apps/compare/emulatorjs-2.0.7...emulatorjs-2.0.8) (2022-06-25) diff --git a/charts/stable/emulatorjs/security.md b/charts/stable/emulatorjs/security.md index 5f03f003aa5..f8f4f7a4a79 100644 --- a/charts/stable/emulatorjs/security.md +++ b/charts/stable/emulatorjs/security.md @@ -75,4 +75,4 @@ hide: | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| -| got | CVE-2022-33987 | MEDIUM | 10.7.0 | 11.8.5, 12.1.0 |
Expand...https://github.com/advisories/GHSA-pfrx-2q88-qq97
https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
https://github.com/sindresorhus/got/pull/2047
https://github.com/sindresorhus/got/releases/tag/v11.8.5
https://github.com/sindresorhus/got/releases/tag/v12.1.0
https://nvd.nist.gov/vuln/detail/CVE-2022-33987
| +| got | CVE-2022-33987 | MEDIUM | 10.7.0 | 11.8.5, 12.1.0 |
Expand...https://access.redhat.com/security/cve/CVE-2022-33987
https://github.com/advisories/GHSA-pfrx-2q88-qq97
https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
https://github.com/sindresorhus/got/pull/2047
https://github.com/sindresorhus/got/releases/tag/v11.8.5
https://github.com/sindresorhus/got/releases/tag/v12.1.0
https://nvd.nist.gov/vuln/detail/CVE-2022-33987
|