Commit new App releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

core/k8s-gateway/5.0.14/CHANGELOG.md

@@ -1,6 +1,15 @@
 # Changelog<br>
 
 
+<a name="k8s-gateway-5.0.14"></a>
+### [k8s-gateway-5.0.14](https://github.com/truecharts/apps/compare/k8s-gateway-5.0.13...k8s-gateway-5.0.14) (2022-05-04)
+
+#### Chore
+
+* update docker general non-major ([#2606](https://github.com/truecharts/apps/issues/2606))
+
+
+
 <a name="k8s-gateway-5.0.13"></a>
 ### [k8s-gateway-5.0.13](https://github.com/truecharts/apps/compare/k8s-gateway-5.0.12...k8s-gateway-5.0.13) (2022-04-26)
 
@@ -88,12 +97,3 @@
 ### [k8s-gateway-5.0.0](https://github.com/truecharts/apps/compare/k8s-gateway-4.0.44...k8s-gateway-5.0.0) (2022-03-03)
 
 #### Chore
-
-* remove fixed env from questions.yaml
-* remove empty env var declaration from questions.yaml
-* update helm general major helm releases ([#2021](https://github.com/truecharts/apps/issues/2021))
-
-#### Fix
-
-* BREAKING CHANGE Move some env-vars outside of env section ([#2010](https://github.com/truecharts/apps/issues/2010))
-

core/k8s-gateway/5.0.14/Chart.lock

@@ -3,4 +3,4 @@ dependencies:
   repository: https://library-charts.truecharts.org
   version: 9.3.2
 digest: sha256:4514044d0d416a02c0029081a25943395114bcb29df51a2ede27d4257f71d412
-generated: "2022-04-28T05:43:30.053826515Z"
+generated: "2022-05-04T21:08:46.211410624Z"

core/k8s-gateway/5.0.14/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: "0.2.4"
+appVersion: "0.3.0"
 dependencies:
 - name: common
   repository: https://library-charts.truecharts.org
@@ -20,7 +20,7 @@ name: k8s-gateway
 sources:
 - https://github.com/ori-edge/k8s_gateway
 type: application
-version: 5.0.13
+version: 5.0.14
 annotations:
   truecharts.org/catagories: |
     - networking

core/k8s-gateway/5.0.14/ix_values.yaml

@@ -1,7 +1,7 @@
 image:
   repository: tccr.io/truecharts/k8s_gateway
   pullPolicy: IfNotPresent
-  tag: v0.2.4@sha256:cc621e57c73aab461b64e561d56181c9f67b59d006ab548fedfee660f08965f9
+  tag: v0.3.0@sha256:035b4488071258db2f2e543c21c93f1c6ca5fbf13ae132aac9579afa5843a4b9
 
 securityContext:
   runAsNonRoot: false

core/k8s-gateway/5.0.14/questions.yaml

@@ -1313,7 +1313,7 @@ questions:
                                                   - variable: exceptint
                                                     label: ""
                                                     schema:
-                                                      type: int
+                                                      type: string
                                       - variable: namespaceSelector
                                         label: "namespaceSelector"
                                         schema:
@@ -1482,7 +1482,7 @@ questions:
                                                   - variable: exceptint
                                                     label: ""
                                                     schema:
-                                                      type: int
+                                                      type: string
                                       - variable: namespaceSelector
                                         label: "namespaceSelector"
                                         schema:

core/k8s-gateway/5.0.14/security.md

@@ -45,7 +45,7 @@ hide:
 
           tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
           tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
-          tccr.io/truecharts/k8s_gateway:v0.2.4@sha256:cc621e57c73aab461b64e561d56181c9f67b59d006ab548fedfee660f08965f9
+          tccr.io/truecharts/k8s_gateway:v0.3.0@sha256:035b4488071258db2f2e543c21c93f1c6ca5fbf13ae132aac9579afa5843a4b9
 
 ##### Scan Results
 
@@ -58,9 +58,17 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
 
 
 #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
@@ -71,9 +79,17 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
 
 
 

core/prometheus/2.0.47/CHANGELOG.md

@@ -1,6 +1,15 @@
 # Changelog<br>
 
 
+<a name="prometheus-2.0.47"></a>
+### [prometheus-2.0.47](https://github.com/truecharts/apps/compare/prometheus-2.0.46...prometheus-2.0.47) (2022-05-04)
+
+#### Chore
+
+* update docker general non-major ([#2606](https://github.com/truecharts/apps/issues/2606))
+
+
+
 <a name="prometheus-2.0.46"></a>
 ### [prometheus-2.0.46](https://github.com/truecharts/apps/compare/prometheus-2.0.45...prometheus-2.0.46) (2022-04-29)
 
@@ -88,12 +97,3 @@
 #### Chore
 
 * update docker general non-major
-
-
-
-<a name="prometheus-2.0.36"></a>
-### [prometheus-2.0.36](https://github.com/truecharts/apps/compare/prometheus-2.0.35...prometheus-2.0.36) (2022-04-12)
-
-#### Chore
-
-* update docker general non-major

core/prometheus/2.0.47/Chart.lock

@@ -9,4 +9,4 @@ dependencies:
   repository: https://charts.bitnami.com/bitnami
   version: 2.2.19
 digest: sha256:943014a8c52161f167d2941e4dfaefe2a2735c17232c5986c8f3d055af951706
-generated: "2022-04-29T07:34:29.162560303Z"
+generated: "2022-05-04T21:08:59.541043798Z"

core/prometheus/2.0.47/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: "0.56.0"
+appVersion: "0.56.1"
 dependencies:
 - name: common
   repository: https://library-charts.truecharts.org
@@ -28,7 +28,7 @@ sources:
   - https://github.com/prometheus-community/helm-charts
   - https://github.com/prometheus-operator/kube-prometheus
 type: application
-version: 2.0.46
+version: 2.0.47
 annotations:
   truecharts.org/catagories: |
     - metrics

core/prometheus/2.0.47/ix_values.yaml

@@ -1,10 +1,10 @@
 image:
   repository: tccr.io/truecharts/prometheus-operator
-  tag: v0.56.0@sha256:a01979b632b2db07cf386b9e973e2e05b3a0493f2e6bb07ce736344b9ddbe764
+  tag: v0.56.1@sha256:f5cf06f0f4bcc233c6bf71b7d3b8ab01465f37e3489e772d96f12caf6c523d8e
 
 prometheusImage:
   repository: tccr.io/truecharts/prometheus
-  tag: v2.35.0@sha256:294db22854e8687924ca728d5003203cd48fd14ae6167a4c6a1906ce4a6938ad
+  tag: v2.35.0@sha256:5faf3b077cac3e13c27f1ada8af00da19e7c3b9667b2e6c9ba5a0330605e1d62
 
 thanosImage:
   repository: tccr.io/truecharts/thanos
@@ -12,7 +12,7 @@ thanosImage:
 
 alertmanagerImage:
   repository: tccr.io/truecharts/alertmanager
-  tag: v0.24.0@sha256:5fd34d7bf06225de1892f9620b7e574703214dfdedcbb05edcfefdb858435329
+  tag: v0.24.0@sha256:fc8b223b7e154249dd8226423f8967d8af9cfadc496b75de2e899aefcfec092c
 
 global:
   labels: {}

core/prometheus/2.0.47/security.md

@@ -181,7 +181,7 @@ hide:
 
           tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
           tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
-          tccr.io/truecharts/prometheus-operator:v0.56.0@sha256:a01979b632b2db07cf386b9e973e2e05b3a0493f2e6bb07ce736344b9ddbe764
+          tccr.io/truecharts/prometheus-operator:v0.56.1@sha256:f5cf06f0f4bcc233c6bf71b7d3b8ab01465f37e3489e772d96f12caf6c523d8e
           bitnami/node-exporter:1.3.1-debian-10-r129
           bitnami/kube-state-metrics:2.4.2-debian-10-r42
 
@@ -196,7 +196,7 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
 | curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
@@ -205,8 +205,8 @@ hide:
 | libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
-| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
 
 
 #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
@@ -217,7 +217,7 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
 | curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
@@ -226,11 +226,11 @@ hide:
 | libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
 | libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
-| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
-| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
 
 
-#### Container: tccr.io/truecharts/prometheus-operator:v0.56.0@sha256:a01979b632b2db07cf386b9e973e2e05b3a0493f2e6bb07ce736344b9ddbe764 (debian 10.12)
+#### Container: tccr.io/truecharts/prometheus-operator:v0.56.1@sha256:f5cf06f0f4bcc233c6bf71b7d3b8ab01465f37e3489e772d96f12caf6c523d8e (debian 10.12)
 
 
 **debian**
@@ -365,6 +365,7 @@ hide:
 | libsmartcols1         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | libssh2-1         |    CVE-2019-13115   |   HIGH  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-13115">https://access.redhat.com/security/cve/CVE-2019-13115</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow/">https://blog.semmle.com/libssh2-integer-overflow/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115</a><br><a href="https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa">https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa</a><br><a href="https://github.com/libssh2/libssh2/pull/350">https://github.com/libssh2/libssh2/pull/350</a><br><a href="https://libssh2.org/changes.html">https://libssh2.org/changes.html</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/</a><br><a href="https://security.netapp.com/advisory/ntap-20190806-0002/">https://security.netapp.com/advisory/ntap-20190806-0002/</a><br><a href="https://support.f5.com/csp/article/K13322484">https://support.f5.com/csp/article/K13322484</a><br><a href="https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS</a><br></details>  |
 | libssh2-1         |    CVE-2019-17498   |   LOW  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17498">https://access.redhat.com/security/cve/CVE-2019-17498</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/">https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498</a><br><a href="https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498">https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498</a><br><a href="https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480">https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480</a><br><a href="https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c">https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c</a><br><a href="https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94">https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17498.html">https://linux.oracle.com/cve/CVE-2019-17498.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-3915.html">https://linux.oracle.com/errata/ELSA-2020-3915.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html">https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17498">https://nvd.nist.gov/vuln/detail/CVE-2019-17498</a><br></details>  |
+| libssl1.1         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | libssl1.1         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | libssl1.1         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | libstdc++6         |    CVE-2018-12886   |   HIGH  |  8.3.0-6 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-12886">https://access.redhat.com/security/cve/CVE-2018-12886</a><br><a href="https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup">https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup</a><br><a href="https://www.gnu.org/software/gcc/gcc-8/changes.html">https://www.gnu.org/software/gcc/gcc-8/changes.html</a><br></details>  |
@@ -396,6 +397,7 @@ hide:
 | mount         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | ncurses-base         |    CVE-2022-29458   |   HIGH  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br></details>  |
 | ncurses-base         |    CVE-2021-39537   |   LOW  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-39537">https://access.redhat.com/security/cve/CVE-2021-39537</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-39537">https://nvd.nist.gov/vuln/detail/CVE-2021-39537</a><br></details>  |
+| openssl         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | openssl         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | openssl         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | passwd         |    CVE-2007-5686   |   LOW  |  1:4.5-1.1 |  | <details><summary>Expand...</summary><a href="http://secunia.com/advisories/27215">http://secunia.com/advisories/27215</a><br><a href="http://www.securityfocus.com/archive/1/482129/100/100/threaded">http://www.securityfocus.com/archive/1/482129/100/100/threaded</a><br><a href="http://www.securityfocus.com/archive/1/482857/100/0/threaded">http://www.securityfocus.com/archive/1/482857/100/0/threaded</a><br><a href="http://www.securityfocus.com/bid/26048">http://www.securityfocus.com/bid/26048</a><br><a href="http://www.vupen.com/english/advisories/2007/3474">http://www.vupen.com/english/advisories/2007/3474</a><br><a href="https://issues.rpath.com/browse/RPL-1825">https://issues.rpath.com/browse/RPL-1825</a><br></details>  |
@@ -547,6 +549,7 @@ hide:
 | libsmartcols1         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | libssh2-1         |    CVE-2019-13115   |   HIGH  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-13115">https://access.redhat.com/security/cve/CVE-2019-13115</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow/">https://blog.semmle.com/libssh2-integer-overflow/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115</a><br><a href="https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa">https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa</a><br><a href="https://github.com/libssh2/libssh2/pull/350">https://github.com/libssh2/libssh2/pull/350</a><br><a href="https://libssh2.org/changes.html">https://libssh2.org/changes.html</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/</a><br><a href="https://security.netapp.com/advisory/ntap-20190806-0002/">https://security.netapp.com/advisory/ntap-20190806-0002/</a><br><a href="https://support.f5.com/csp/article/K13322484">https://support.f5.com/csp/article/K13322484</a><br><a href="https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS</a><br></details>  |
 | libssh2-1         |    CVE-2019-17498   |   LOW  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17498">https://access.redhat.com/security/cve/CVE-2019-17498</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/">https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498</a><br><a href="https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498">https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498</a><br><a href="https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480">https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480</a><br><a href="https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c">https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c</a><br><a href="https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94">https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17498.html">https://linux.oracle.com/cve/CVE-2019-17498.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-3915.html">https://linux.oracle.com/errata/ELSA-2020-3915.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html">https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17498">https://nvd.nist.gov/vuln/detail/CVE-2019-17498</a><br></details>  |
+| libssl1.1         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | libssl1.1         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | libssl1.1         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | libstdc++6         |    CVE-2018-12886   |   HIGH  |  8.3.0-6 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-12886">https://access.redhat.com/security/cve/CVE-2018-12886</a><br><a href="https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup">https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup</a><br><a href="https://www.gnu.org/software/gcc/gcc-8/changes.html">https://www.gnu.org/software/gcc/gcc-8/changes.html</a><br></details>  |
@@ -578,6 +581,7 @@ hide:
 | mount         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | ncurses-base         |    CVE-2022-29458   |   HIGH  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br></details>  |
 | ncurses-base         |    CVE-2021-39537   |   LOW  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-39537">https://access.redhat.com/security/cve/CVE-2021-39537</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-39537">https://nvd.nist.gov/vuln/detail/CVE-2021-39537</a><br></details>  |
+| openssl         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | openssl         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | openssl         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | passwd         |    CVE-2007-5686   |   LOW  |  1:4.5-1.1 |  | <details><summary>Expand...</summary><a href="http://secunia.com/advisories/27215">http://secunia.com/advisories/27215</a><br><a href="http://www.securityfocus.com/archive/1/482129/100/100/threaded">http://www.securityfocus.com/archive/1/482129/100/100/threaded</a><br><a href="http://www.securityfocus.com/archive/1/482857/100/0/threaded">http://www.securityfocus.com/archive/1/482857/100/0/threaded</a><br><a href="http://www.securityfocus.com/bid/26048">http://www.securityfocus.com/bid/26048</a><br><a href="http://www.vupen.com/english/advisories/2007/3474">http://www.vupen.com/english/advisories/2007/3474</a><br><a href="https://issues.rpath.com/browse/RPL-1825">https://issues.rpath.com/browse/RPL-1825</a><br></details>  |
@@ -598,7 +602,7 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| golang.org/x/crypto         |    CVE-2022-27191   |   HIGH  |  v0.0.0-20210616213533-5ff15b29337e | 0.0.0-20220315160706-3147a52a75dd | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27191">https://access.redhat.com/security/cve/CVE-2022-27191</a><br><a href="https://github.com/advisories/GHSA-8c26-wmh5-6g9v">https://github.com/advisories/GHSA-8c26-wmh5-6g9v</a><br><a href="https://groups.google.com/g/golang-announce">https://groups.google.com/g/golang-announce</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27191">https://nvd.nist.gov/vuln/detail/CVE-2022-27191</a><br></details>  |
+| golang.org/x/crypto         |    CVE-2022-27191   |   HIGH  |  v0.0.0-20210616213533-5ff15b29337e | 0.0.0-20220315160706-3147a52a75dd | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27191">https://access.redhat.com/security/cve/CVE-2022-27191</a><br><a href="https://github.com/advisories/GHSA-8c26-wmh5-6g9v">https://github.com/advisories/GHSA-8c26-wmh5-6g9v</a><br><a href="https://groups.google.com/g/golang-announce">https://groups.google.com/g/golang-announce</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27191">https://nvd.nist.gov/vuln/detail/CVE-2022-27191</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0002/">https://security.netapp.com/advisory/ntap-20220429-0002/</a><br></details>  |
 | golang.org/x/text         |    CVE-2021-38561   |   UNKNOWN  |  v0.3.6 | 0.3.7 | <details><summary>Expand...</summary><a href="https://go-review.googlesource.com/c/text/+/340830">https://go-review.googlesource.com/c/text/+/340830</a><br><a href="https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f">https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f</a><br><a href="https://pkg.go.dev/vuln/GO-2021-0113">https://pkg.go.dev/vuln/GO-2021-0113</a><br></details>  |
 
 **gobinary**
@@ -606,7 +610,7 @@ hide:
 
 | Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
 |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
-| golang.org/x/crypto         |    CVE-2022-27191   |   HIGH  |  v0.0.0-20210616213533-5ff15b29337e | 0.0.0-20220315160706-3147a52a75dd | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27191">https://access.redhat.com/security/cve/CVE-2022-27191</a><br><a href="https://github.com/advisories/GHSA-8c26-wmh5-6g9v">https://github.com/advisories/GHSA-8c26-wmh5-6g9v</a><br><a href="https://groups.google.com/g/golang-announce">https://groups.google.com/g/golang-announce</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27191">https://nvd.nist.gov/vuln/detail/CVE-2022-27191</a><br></details>  |
+| golang.org/x/crypto         |    CVE-2022-27191   |   HIGH  |  v0.0.0-20210616213533-5ff15b29337e | 0.0.0-20220315160706-3147a52a75dd | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27191">https://access.redhat.com/security/cve/CVE-2022-27191</a><br><a href="https://github.com/advisories/GHSA-8c26-wmh5-6g9v">https://github.com/advisories/GHSA-8c26-wmh5-6g9v</a><br><a href="https://groups.google.com/g/golang-announce">https://groups.google.com/g/golang-announce</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27191">https://nvd.nist.gov/vuln/detail/CVE-2022-27191</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0002/">https://security.netapp.com/advisory/ntap-20220429-0002/</a><br></details>  |
 | golang.org/x/text         |    CVE-2021-38561   |   UNKNOWN  |  v0.3.6 | 0.3.7 | <details><summary>Expand...</summary><a href="https://go-review.googlesource.com/c/text/+/340830">https://go-review.googlesource.com/c/text/+/340830</a><br><a href="https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f">https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f</a><br><a href="https://pkg.go.dev/vuln/GO-2021-0113">https://pkg.go.dev/vuln/GO-2021-0113</a><br></details>  |
 
 
@@ -745,6 +749,7 @@ hide:
 | libsmartcols1         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | libssh2-1         |    CVE-2019-13115   |   HIGH  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-13115">https://access.redhat.com/security/cve/CVE-2019-13115</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow/">https://blog.semmle.com/libssh2-integer-overflow/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115</a><br><a href="https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa">https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa</a><br><a href="https://github.com/libssh2/libssh2/pull/350">https://github.com/libssh2/libssh2/pull/350</a><br><a href="https://libssh2.org/changes.html">https://libssh2.org/changes.html</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/</a><br><a href="https://security.netapp.com/advisory/ntap-20190806-0002/">https://security.netapp.com/advisory/ntap-20190806-0002/</a><br><a href="https://support.f5.com/csp/article/K13322484">https://support.f5.com/csp/article/K13322484</a><br><a href="https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;amp;utm_medium=RSS</a><br></details>  |
 | libssh2-1         |    CVE-2019-17498   |   LOW  |  1.8.0-2.1 |  | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17498">https://access.redhat.com/security/cve/CVE-2019-17498</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/">https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498</a><br><a href="https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498">https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498</a><br><a href="https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480">https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480</a><br><a href="https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c">https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c</a><br><a href="https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94">https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17498.html">https://linux.oracle.com/cve/CVE-2019-17498.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-3915.html">https://linux.oracle.com/errata/ELSA-2020-3915.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html">https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17498">https://nvd.nist.gov/vuln/detail/CVE-2019-17498</a><br></details>  |
+| libssl1.1         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | libssl1.1         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | libssl1.1         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | libstdc++6         |    CVE-2018-12886   |   HIGH  |  8.3.0-6 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-12886">https://access.redhat.com/security/cve/CVE-2018-12886</a><br><a href="https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup">https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&amp;view=markup</a><br><a href="https://www.gnu.org/software/gcc/gcc-8/changes.html">https://www.gnu.org/software/gcc/gcc-8/changes.html</a><br></details>  |
@@ -776,6 +781,7 @@ hide:
 | mount         |    CVE-2022-0563   |   LOW  |  2.33.1-0.1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details>  |
 | ncurses-base         |    CVE-2022-29458   |   HIGH  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br></details>  |
 | ncurses-base         |    CVE-2021-39537   |   LOW  |  6.1+20181013-2+deb10u2 |  | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-39537">https://access.redhat.com/security/cve/CVE-2021-39537</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-39537">https://nvd.nist.gov/vuln/detail/CVE-2021-39537</a><br></details>  |
+| openssl         |    CVE-2022-1292   |   MEDIUM  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details>  |
 | openssl         |    CVE-2007-6755   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/">http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/</a><br><a href="http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html">http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html</a><br><a href="http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html">http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html</a><br><a href="http://rump2007.cr.yp.to/15-shumow.pdf">http://rump2007.cr.yp.to/15-shumow.pdf</a><br><a href="http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/">http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/</a><br><a href="http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect">http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect</a><br><a href="http://www.securityfocus.com/bid/63657">http://www.securityfocus.com/bid/63657</a><br><a href="https://access.redhat.com/security/cve/CVE-2007-6755">https://access.redhat.com/security/cve/CVE-2007-6755</a><br><a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html</a><br></details>  |
 | openssl         |    CVE-2010-0928   |   LOW  |  1.1.1n-0+deb10u1 |  | <details><summary>Expand...</summary><a href="http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/">http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/</a><br><a href="http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf">http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf</a><br><a href="http://www.networkworld.com/news/2010/030410-rsa-security-attack.html">http://www.networkworld.com/news/2010/030410-rsa-security-attack.html</a><br><a href="http://www.osvdb.org/62808">http://www.osvdb.org/62808</a><br><a href="http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/">http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/</a><br><a href="https://access.redhat.com/security/cve/CVE-2010-0928">https://access.redhat.com/security/cve/CVE-2010-0928</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/56750">https://exchange.xforce.ibmcloud.com/vulnerabilities/56750</a><br></details>  |
 | passwd         |    CVE-2007-5686   |   LOW  |  1:4.5-1.1 |  | <details><summary>Expand...</summary><a href="http://secunia.com/advisories/27215">http://secunia.com/advisories/27215</a><br><a href="http://www.securityfocus.com/archive/1/482129/100/100/threaded">http://www.securityfocus.com/archive/1/482129/100/100/threaded</a><br><a href="http://www.securityfocus.com/archive/1/482857/100/0/threaded">http://www.securityfocus.com/archive/1/482857/100/0/threaded</a><br><a href="http://www.securityfocus.com/bid/26048">http://www.securityfocus.com/bid/26048</a><br><a href="http://www.vupen.com/english/advisories/2007/3474">http://www.vupen.com/english/advisories/2007/3474</a><br><a href="https://issues.rpath.com/browse/RPL-1825">https://issues.rpath.com/browse/RPL-1825</a><br></details>  |

core/traefik/11.2.1/CHANGELOG.md

@@ -0,0 +1,99 @@
+# Changelog<br>
+
+
+<a name="traefik-11.2.1"></a>
+### [traefik-11.2.1](https://github.com/truecharts/apps/compare/traefik-11.2.0...traefik-11.2.1) (2022-05-04)
+
+#### Chore
+
+* update docker general non-major ([#2606](https://github.com/truecharts/apps/issues/2606))
+
+
+
+<a name="traefik-11.2.0"></a>
+### [traefik-11.2.0](https://github.com/truecharts/apps/compare/traefik-11.1.8...traefik-11.2.0) (2022-05-04)
+
+
+
+<a name="traefik-11.1.8"></a>
+### [traefik-11.1.8](https://github.com/truecharts/apps/compare/traefik-11.1.7...traefik-11.1.8) (2022-04-26)
+
+#### Chore
+
+* update helm general non-major helm releases ([#2573](https://github.com/truecharts/apps/issues/2573))
+
+
+
+<a name="traefik-11.1.7"></a>
+### [traefik-11.1.7](https://github.com/truecharts/apps/compare/traefik-11.1.6...traefik-11.1.7) (2022-04-20)
+
+#### Chore
+
+* update helm general non-major helm releases ([#2524](https://github.com/truecharts/apps/issues/2524))
+
+
+
+<a name="traefik-11.1.6"></a>
+### [traefik-11.1.6](https://github.com/truecharts/apps/compare/traefik-11.1.5...traefik-11.1.6) (2022-04-20)
+
+#### Chore
+
+* add missing quote on description ([#2515](https://github.com/truecharts/apps/issues/2515))
+
+#### Fix
+
+* Fix custom chain middleware settings ([#2513](https://github.com/truecharts/apps/issues/2513))
+
+
+
+<a name="traefik-11.1.5"></a>
+### [traefik-11.1.5](https://github.com/truecharts/apps/compare/traefik-11.1.4...traefik-11.1.5) (2022-04-12)
+
+#### Chore
+
+* update helm general non-major helm releases ([#2480](https://github.com/truecharts/apps/issues/2480))
+
+
+
+<a name="traefik-11.1.4"></a>
+### [traefik-11.1.4](https://github.com/truecharts/apps/compare/traefik-11.1.3...traefik-11.1.4) (2022-04-09)
+
+#### Chore
+
+* update docker general non-major ([#2460](https://github.com/truecharts/apps/issues/2460))
+
+
+
+<a name="traefik-11.1.3"></a>
+### [traefik-11.1.3](https://github.com/truecharts/apps/compare/traefik-11.1.2...traefik-11.1.3) (2022-04-08)
+
+
+
+<a name="traefik-11.1.2"></a>
+### [traefik-11.1.2](https://github.com/truecharts/apps/compare/traefik-11.1.1...traefik-11.1.2) (2022-04-06)
+
+
+
+<a name="traefik-11.1.1"></a>
+### [traefik-11.1.1](https://github.com/truecharts/apps/compare/traefik-11.1.0...traefik-11.1.1) (2022-04-04)
+
+
+
+<a name="traefik-11.1.0"></a>
+### [traefik-11.1.0](https://github.com/truecharts/apps/compare/traefik-11.0.13...traefik-11.1.0) (2022-04-04)
+
+#### Feat
+
+* Add stripPrefixRegex ([#2422](https://github.com/truecharts/apps/issues/2422))
+
+
+
+<a name="traefik-11.0.13"></a>
+### [traefik-11.0.13](https://github.com/truecharts/apps/compare/traefik-11.0.12...traefik-11.0.13) (2022-04-03)
+
+#### Chore
+
+* update helm general non-major helm releases ([#2410](https://github.com/truecharts/apps/issues/2410))
+
+
+

core/traefik/11.2.1/Chart.lock

@@ -3,4 +3,4 @@ dependencies:
   repository: https://library-charts.truecharts.org
   version: 9.3.2
 digest: sha256:4514044d0d416a02c0029081a25943395114bcb29df51a2ede27d4257f71d412
-generated: "2022-04-26T19:12:49.500831864Z"
+generated: "2022-05-04T21:08:46.412361435Z"

core/traefik/11.2.1/Chart.yaml

@@ -0,0 +1,30 @@
+apiVersion: v2
+appVersion: "2.6.6"
+dependencies:
+- name: common
+  repository: https://library-charts.truecharts.org
+  version: 9.3.2
+deprecated: false
+description: Traefik is a flexible reverse proxy and Ingress Provider.
+home: https://github.com/truecharts/apps/tree/master/charts/stable/traefik
+icon: https://truecharts.org/_static/img/appicons/traefik.png
+keywords:
+- traefik
+- ingress
+kubeVersion: '>=1.16.0-0'
+maintainers:
+- email: info@truecharts.org
+  name: TrueCharts
+  url: https://truecharts.org
+name: traefik
+sources:
+- https://github.com/traefik/traefik
+- https://github.com/traefik/traefik-helm-chart
+- https://traefik.io/
+type: application
+version: 11.2.1
+annotations:
+  truecharts.org/catagories: |
+    - network
+  truecharts.org/SCALE-support: "true"
+  truecharts.org/grade: U

core/traefik/11.2.1/README.md

@@ -0,0 +1,39 @@
+# Introduction
+
+Traefik is a flexible reverse proxy and Ingress Provider.
+
+TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/traefik/traefik>
+* <https://github.com/traefik/traefik-helm-chart>
+* <https://traefik.io/>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://library-charts.truecharts.org | common | 9.3.2 |
+
+## Installing the Chart
+
+To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/).
+
+## Upgrading, Rolling Back and Uninstalling the Chart
+
+To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/).
+
+## Support
+
+- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
+- See the [Wiki](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
+---
+All Rights Reserved - The TrueCharts Project

core/traefik/11.2.1/app-readme.md

@@ -0,0 +1,3 @@
+Traefik is a flexible reverse proxy and Ingress Provider.
+
+This App is supplied by TrueCharts, for more information please visit https://truecharts.org

core/traefik/11.2.1/crds/ingressroute.yaml

@@ -0,0 +1,198 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: ingressroutes.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: IngressRoute
+    listKind: IngressRouteList
+    plural: ingressroutes
+    singular: ingressroute
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: IngressRoute is an Ingress CRD specification.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: IngressRouteSpec is a specification for a IngressRouteSpec
+              resource.
+            properties:
+              entryPoints:
+                items:
+                  type: string
+                type: array
+              routes:
+                items:
+                  description: Route contains the set of routes.
+                  properties:
+                    kind:
+                      enum:
+                      - Rule
+                      type: string
+                    match:
+                      type: string
+                    middlewares:
+                      items:
+                        description: MiddlewareRef is a ref to the Middleware resources.
+                        properties:
+                          name:
+                            type: string
+                          namespace:
+                            type: string
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    priority:
+                      type: integer
+                    services:
+                      items:
+                        description: Service defines an upstream to proxy traffic.
+                        properties:
+                          kind:
+                            enum:
+                            - Service
+                            - TraefikService
+                            type: string
+                          name:
+                            description: Name is a reference to a Kubernetes Service
+                              object (for a load-balancer of servers), or to a TraefikService
+                              object (service load-balancer, mirroring, etc). The
+                              differentiation between the two is specified in the
+                              Kind field.
+                            type: string
+                          namespace:
+                            type: string
+                          passHostHeader:
+                            type: boolean
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          responseForwarding:
+                            description: ResponseForwarding holds configuration for
+                              the forward of the response.
+                            properties:
+                              flushInterval:
+                                type: string
+                            type: object
+                          scheme:
+                            type: string
+                          serversTransport:
+                            type: string
+                          sticky:
+                            description: Sticky holds the sticky configuration.
+                            properties:
+                              cookie:
+                                description: Cookie holds the sticky configuration
+                                  based on cookie.
+                                properties:
+                                  httpOnly:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  sameSite:
+                                    type: string
+                                  secure:
+                                    type: boolean
+                                type: object
+                            type: object
+                          strategy:
+                            type: string
+                          weight:
+                            description: Weight should only be specified when Name
+                              references a TraefikService object (and to be precise,
+                              one that embeds a Weighted Round Robin).
+                            type: integer
+                        required:
+                        - name
+                        type: object
+                      type: array
+                  required:
+                  - kind
+                  - match
+                  type: object
+                type: array
+              tls:
+                description: "TLS contains the TLS certificates configuration of the
+                  routes. To enable Let's Encrypt, use an empty TLS struct, e.g. in
+                  YAML: \n \t tls: {} # inline format \n \t tls: \t   secretName:
+                  # block format"
+                properties:
+                  certResolver:
+                    type: string
+                  domains:
+                    items:
+                      description: Domain holds a domain name with SANs.
+                      properties:
+                        main:
+                          type: string
+                        sans:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    type: array
+                  options:
+                    description: Options is a reference to a TLSOption, that specifies
+                      the parameters of the TLS connection.
+                    properties:
+                      name:
+                        type: string
+                      namespace:
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  secretName:
+                    description: SecretName is the name of the referenced Kubernetes
+                      Secret to specify the certificate details.
+                    type: string
+                  store:
+                    description: Store is a reference to a TLSStore, that specifies
+                      the parameters of the TLS store.
+                    properties:
+                      name:
+                        type: string
+                      namespace:
+                        type: string
+                    required:
+                    - name
+                    type: object
+                type: object
+            required:
+            - routes
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/ingressroutetcp.yaml

@@ -0,0 +1,160 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: ingressroutetcps.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: IngressRouteTCP
+    listKind: IngressRouteTCPList
+    plural: ingressroutetcps
+    singular: ingressroutetcp
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: IngressRouteTCP is an Ingress CRD specification.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: IngressRouteTCPSpec is a specification for a IngressRouteTCPSpec
+              resource.
+            properties:
+              entryPoints:
+                items:
+                  type: string
+                type: array
+              routes:
+                items:
+                  description: RouteTCP contains the set of routes.
+                  properties:
+                    match:
+                      type: string
+                    middlewares:
+                      description: Middlewares contains references to MiddlewareTCP
+                        resources.
+                      items:
+                        description: ObjectReference is a generic reference to a Traefik
+                          resource.
+                        properties:
+                          name:
+                            type: string
+                          namespace:
+                            type: string
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    services:
+                      items:
+                        description: ServiceTCP defines an upstream to proxy traffic.
+                        properties:
+                          name:
+                            type: string
+                          namespace:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          proxyProtocol:
+                            description: ProxyProtocol holds the ProxyProtocol configuration.
+                            properties:
+                              version:
+                                type: integer
+                            type: object
+                          terminationDelay:
+                            type: integer
+                          weight:
+                            type: integer
+                        required:
+                        - name
+                        - port
+                        type: object
+                      type: array
+                  required:
+                  - match
+                  type: object
+                type: array
+              tls:
+                description: "TLSTCP contains the TLS certificates configuration of
+                  the routes. To enable Let's Encrypt, use an empty TLS struct, e.g.
+                  in YAML: \n \t tls: {} # inline format \n \t tls: \t   secretName:
+                  # block format"
+                properties:
+                  certResolver:
+                    type: string
+                  domains:
+                    items:
+                      description: Domain holds a domain name with SANs.
+                      properties:
+                        main:
+                          type: string
+                        sans:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    type: array
+                  options:
+                    description: Options is a reference to a TLSOption, that specifies
+                      the parameters of the TLS connection.
+                    properties:
+                      name:
+                        type: string
+                      namespace:
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  passthrough:
+                    type: boolean
+                  secretName:
+                    description: SecretName is the name of the referenced Kubernetes
+                      Secret to specify the certificate details.
+                    type: string
+                  store:
+                    description: Store is a reference to a TLSStore, that specifies
+                      the parameters of the TLS store.
+                    properties:
+                      name:
+                        type: string
+                      namespace:
+                        type: string
+                    required:
+                    - name
+                    type: object
+                type: object
+            required:
+            - routes
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/ingressrouteudp.yaml

@@ -0,0 +1,84 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: ingressrouteudps.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: IngressRouteUDP
+    listKind: IngressRouteUDPList
+    plural: ingressrouteudps
+    singular: ingressrouteudp
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: IngressRouteUDP is an Ingress CRD specification.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: IngressRouteUDPSpec is a specification for a IngressRouteUDPSpec
+              resource.
+            properties:
+              entryPoints:
+                items:
+                  type: string
+                type: array
+              routes:
+                items:
+                  description: RouteUDP contains the set of routes.
+                  properties:
+                    services:
+                      items:
+                        description: ServiceUDP defines an upstream to proxy traffic.
+                        properties:
+                          name:
+                            type: string
+                          namespace:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          weight:
+                            type: integer
+                        required:
+                        - name
+                        - port
+                        type: object
+                      type: array
+                  type: object
+                type: array
+            required:
+            - routes
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/middlewares.yaml

@@ -0,0 +1,563 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: middlewares.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: Middleware
+    listKind: MiddlewareList
+    plural: middlewares
+    singular: middleware
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: Middleware is a specification for a Middleware resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: MiddlewareSpec holds the Middleware configuration.
+            properties:
+              addPrefix:
+                description: AddPrefix holds the AddPrefix configuration.
+                properties:
+                  prefix:
+                    type: string
+                type: object
+              basicAuth:
+                description: BasicAuth holds the HTTP basic authentication configuration.
+                properties:
+                  headerField:
+                    type: string
+                  realm:
+                    type: string
+                  removeHeader:
+                    type: boolean
+                  secret:
+                    type: string
+                type: object
+              buffering:
+                description: Buffering holds the request/response buffering configuration.
+                properties:
+                  maxRequestBodyBytes:
+                    format: int64
+                    type: integer
+                  maxResponseBodyBytes:
+                    format: int64
+                    type: integer
+                  memRequestBodyBytes:
+                    format: int64
+                    type: integer
+                  memResponseBodyBytes:
+                    format: int64
+                    type: integer
+                  retryExpression:
+                    type: string
+                type: object
+              chain:
+                description: Chain holds a chain of middlewares.
+                properties:
+                  middlewares:
+                    items:
+                      description: MiddlewareRef is a ref to the Middleware resources.
+                      properties:
+                        name:
+                          type: string
+                        namespace:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+              circuitBreaker:
+                description: CircuitBreaker holds the circuit breaker configuration.
+                properties:
+                  expression:
+                    type: string
+                type: object
+              compress:
+                description: Compress holds the compress configuration.
+                properties:
+                  excludedContentTypes:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              contentType:
+                description: ContentType middleware - or rather its unique `autoDetect`
+                  option - specifies whether to let the `Content-Type` header, if
+                  it has not been set by the backend, be automatically set to a value
+                  derived from the contents of the response. As a proxy, the default
+                  behavior should be to leave the header alone, regardless of what
+                  the backend did with it. However, the historic default was to always
+                  auto-detect and set the header if it was nil, and it is going to
+                  be kept that way in order to support users currently relying on
+                  it. This middleware exists to enable the correct behavior until
+                  at least the default one can be changed in a future version.
+                properties:
+                  autoDetect:
+                    type: boolean
+                type: object
+              digestAuth:
+                description: DigestAuth holds the Digest HTTP authentication configuration.
+                properties:
+                  headerField:
+                    type: string
+                  realm:
+                    type: string
+                  removeHeader:
+                    type: boolean
+                  secret:
+                    type: string
+                type: object
+              errors:
+                description: ErrorPage holds the custom error page configuration.
+                properties:
+                  query:
+                    type: string
+                  service:
+                    description: Service defines an upstream to proxy traffic.
+                    properties:
+                      kind:
+                        enum:
+                        - Service
+                        - TraefikService
+                        type: string
+                      name:
+                        description: Name is a reference to a Kubernetes Service object
+                          (for a load-balancer of servers), or to a TraefikService
+                          object (service load-balancer, mirroring, etc). The differentiation
+                          between the two is specified in the Kind field.
+                        type: string
+                      namespace:
+                        type: string
+                      passHostHeader:
+                        type: boolean
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      responseForwarding:
+                        description: ResponseForwarding holds configuration for the
+                          forward of the response.
+                        properties:
+                          flushInterval:
+                            type: string
+                        type: object
+                      scheme:
+                        type: string
+                      serversTransport:
+                        type: string
+                      sticky:
+                        description: Sticky holds the sticky configuration.
+                        properties:
+                          cookie:
+                            description: Cookie holds the sticky configuration based
+                              on cookie.
+                            properties:
+                              httpOnly:
+                                type: boolean
+                              name:
+                                type: string
+                              sameSite:
+                                type: string
+                              secure:
+                                type: boolean
+                            type: object
+                        type: object
+                      strategy:
+                        type: string
+                      weight:
+                        description: Weight should only be specified when Name references
+                          a TraefikService object (and to be precise, one that embeds
+                          a Weighted Round Robin).
+                        type: integer
+                    required:
+                    - name
+                    type: object
+                  status:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              forwardAuth:
+                description: ForwardAuth holds the http forward authentication configuration.
+                properties:
+                  address:
+                    type: string
+                  authRequestHeaders:
+                    items:
+                      type: string
+                    type: array
+                  authResponseHeaders:
+                    items:
+                      type: string
+                    type: array
+                  authResponseHeadersRegex:
+                    type: string
+                  tls:
+                    description: ClientTLS holds TLS specific configurations as client.
+                    properties:
+                      caOptional:
+                        type: boolean
+                      caSecret:
+                        type: string
+                      certSecret:
+                        type: string
+                      insecureSkipVerify:
+                        type: boolean
+                    type: object
+                  trustForwardHeader:
+                    type: boolean
+                type: object
+              headers:
+                description: Headers holds the custom header configuration.
+                properties:
+                  accessControlAllowCredentials:
+                    description: AccessControlAllowCredentials is only valid if true.
+                      false is ignored.
+                    type: boolean
+                  accessControlAllowHeaders:
+                    description: AccessControlAllowHeaders must be used in response
+                      to a preflight request with Access-Control-Request-Headers set.
+                    items:
+                      type: string
+                    type: array
+                  accessControlAllowMethods:
+                    description: AccessControlAllowMethods must be used in response
+                      to a preflight request with Access-Control-Request-Method set.
+                    items:
+                      type: string
+                    type: array
+                  accessControlAllowOriginList:
+                    description: AccessControlAllowOriginList is a list of allowable
+                      origins. Can also be a wildcard origin "*".
+                    items:
+                      type: string
+                    type: array
+                  accessControlAllowOriginListRegex:
+                    description: AccessControlAllowOriginListRegex is a list of allowable
+                      origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+                    items:
+                      type: string
+                    type: array
+                  accessControlExposeHeaders:
+                    description: AccessControlExposeHeaders sets valid headers for
+                      the response.
+                    items:
+                      type: string
+                    type: array
+                  accessControlMaxAge:
+                    description: AccessControlMaxAge sets the time that a preflight
+                      request may be cached.
+                    format: int64
+                    type: integer
+                  addVaryHeader:
+                    description: AddVaryHeader controls if the Vary header is automatically
+                      added/updated when the AccessControlAllowOriginList is set.
+                    type: boolean
+                  allowedHosts:
+                    items:
+                      type: string
+                    type: array
+                  browserXssFilter:
+                    type: boolean
+                  contentSecurityPolicy:
+                    type: string
+                  contentTypeNosniff:
+                    type: boolean
+                  customBrowserXSSValue:
+                    type: string
+                  customFrameOptionsValue:
+                    type: string
+                  customRequestHeaders:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  customResponseHeaders:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  featurePolicy:
+                    type: string
+                  forceSTSHeader:
+                    type: boolean
+                  frameDeny:
+                    type: boolean
+                  hostsProxyHeaders:
+                    items:
+                      type: string
+                    type: array
+                  isDevelopment:
+                    type: boolean
+                  publicKey:
+                    type: string
+                  referrerPolicy:
+                    type: string
+                  sslForceHost:
+                    description: 'Deprecated: use RedirectRegex instead.'
+                    type: boolean
+                  sslHost:
+                    description: 'Deprecated: use RedirectRegex instead.'
+                    type: string
+                  sslProxyHeaders:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  sslRedirect:
+                    description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+                      instead.'
+                    type: boolean
+                  sslTemporaryRedirect:
+                    description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+                      instead.'
+                    type: boolean
+                  stsIncludeSubdomains:
+                    type: boolean
+                  stsPreload:
+                    type: boolean
+                  stsSeconds:
+                    format: int64
+                    type: integer
+                type: object
+              inFlightReq:
+                description: InFlightReq limits the number of requests being processed
+                  and served concurrently.
+                properties:
+                  amount:
+                    format: int64
+                    type: integer
+                  sourceCriterion:
+                    description: SourceCriterion defines what criterion is used to
+                      group requests as originating from a common source. If none
+                      are set, the default is to use the request's remote address
+                      field. All fields are mutually exclusive.
+                    properties:
+                      ipStrategy:
+                        description: IPStrategy holds the ip strategy configuration.
+                        properties:
+                          depth:
+                            type: integer
+                          excludedIPs:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                      requestHeaderName:
+                        type: string
+                      requestHost:
+                        type: boolean
+                    type: object
+                type: object
+              ipWhiteList:
+                description: IPWhiteList holds the ip white list configuration.
+                properties:
+                  ipStrategy:
+                    description: IPStrategy holds the ip strategy configuration.
+                    properties:
+                      depth:
+                        type: integer
+                      excludedIPs:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  sourceRange:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              passTLSClientCert:
+                description: PassTLSClientCert holds the TLS client cert headers configuration.
+                properties:
+                  info:
+                    description: TLSClientCertificateInfo holds the client TLS certificate
+                      info configuration.
+                    properties:
+                      issuer:
+                        description: TLSCLientCertificateDNInfo holds the client TLS
+                          certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739
+                        properties:
+                          commonName:
+                            type: boolean
+                          country:
+                            type: boolean
+                          domainComponent:
+                            type: boolean
+                          locality:
+                            type: boolean
+                          organization:
+                            type: boolean
+                          province:
+                            type: boolean
+                          serialNumber:
+                            type: boolean
+                        type: object
+                      notAfter:
+                        type: boolean
+                      notBefore:
+                        type: boolean
+                      sans:
+                        type: boolean
+                      serialNumber:
+                        type: boolean
+                      subject:
+                        description: TLSCLientCertificateDNInfo holds the client TLS
+                          certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739
+                        properties:
+                          commonName:
+                            type: boolean
+                          country:
+                            type: boolean
+                          domainComponent:
+                            type: boolean
+                          locality:
+                            type: boolean
+                          organization:
+                            type: boolean
+                          province:
+                            type: boolean
+                          serialNumber:
+                            type: boolean
+                        type: object
+                    type: object
+                  pem:
+                    type: boolean
+                type: object
+              plugin:
+                additionalProperties:
+                  x-kubernetes-preserve-unknown-fields: true
+                type: object
+              rateLimit:
+                description: RateLimit holds the rate limiting configuration for a
+                  given router.
+                properties:
+                  average:
+                    format: int64
+                    type: integer
+                  burst:
+                    format: int64
+                    type: integer
+                  period:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    x-kubernetes-int-or-string: true
+                  sourceCriterion:
+                    description: SourceCriterion defines what criterion is used to
+                      group requests as originating from a common source. If none
+                      are set, the default is to use the request's remote address
+                      field. All fields are mutually exclusive.
+                    properties:
+                      ipStrategy:
+                        description: IPStrategy holds the ip strategy configuration.
+                        properties:
+                          depth:
+                            type: integer
+                          excludedIPs:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                      requestHeaderName:
+                        type: string
+                      requestHost:
+                        type: boolean
+                    type: object
+                type: object
+              redirectRegex:
+                description: RedirectRegex holds the redirection configuration.
+                properties:
+                  permanent:
+                    type: boolean
+                  regex:
+                    type: string
+                  replacement:
+                    type: string
+                type: object
+              redirectScheme:
+                description: RedirectScheme holds the scheme redirection configuration.
+                properties:
+                  permanent:
+                    type: boolean
+                  port:
+                    type: string
+                  scheme:
+                    type: string
+                type: object
+              replacePath:
+                description: ReplacePath holds the ReplacePath configuration.
+                properties:
+                  path:
+                    type: string
+                type: object
+              replacePathRegex:
+                description: ReplacePathRegex holds the ReplacePathRegex configuration.
+                properties:
+                  regex:
+                    type: string
+                  replacement:
+                    type: string
+                type: object
+              retry:
+                description: Retry holds the retry configuration.
+                properties:
+                  attempts:
+                    type: integer
+                  initialInterval:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    x-kubernetes-int-or-string: true
+                type: object
+              stripPrefix:
+                description: StripPrefix holds the StripPrefix configuration.
+                properties:
+                  forceSlash:
+                    type: boolean
+                  prefixes:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              stripPrefixRegex:
+                description: StripPrefixRegex holds the StripPrefixRegex configuration.
+                properties:
+                  regex:
+                    items:
+                      type: string
+                    type: array
+                type: object
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/middlewarestcp.yaml

@@ -0,0 +1,59 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: middlewaretcps.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: MiddlewareTCP
+    listKind: MiddlewareTCPList
+    plural: middlewaretcps
+    singular: middlewaretcp
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: MiddlewareTCP is a specification for a MiddlewareTCP resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: MiddlewareTCPSpec holds the MiddlewareTCP configuration.
+            properties:
+              ipWhiteList:
+                description: TCPIPWhiteList holds the TCP ip white list configuration.
+                properties:
+                  sourceRange:
+                    items:
+                      type: string
+                    type: array
+                type: object
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/serverstransports.yaml

@@ -0,0 +1,101 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: serverstransports.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: ServersTransport
+    listKind: ServersTransportList
+    plural: serverstransports
+    singular: serverstransport
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: ServersTransport is a specification for a ServersTransport resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ServersTransportSpec options to configure communication between
+              Traefik and the servers.
+            properties:
+              certificatesSecrets:
+                description: Certificates for mTLS.
+                items:
+                  type: string
+                type: array
+              disableHTTP2:
+                description: Disable HTTP/2 for connections with backend servers.
+                type: boolean
+              forwardingTimeouts:
+                description: Timeouts for requests forwarded to the backend servers.
+                properties:
+                  dialTimeout:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: The amount of time to wait until a connection to
+                      a backend server can be established. If zero, no timeout exists.
+                    x-kubernetes-int-or-string: true
+                  idleConnTimeout:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: The maximum period for which an idle HTTP keep-alive
+                      connection will remain open before closing itself.
+                    x-kubernetes-int-or-string: true
+                  responseHeaderTimeout:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: The amount of time to wait for a server's response
+                      headers after fully writing the request (including its body,
+                      if any). If zero, no timeout exists.
+                    x-kubernetes-int-or-string: true
+                type: object
+              insecureSkipVerify:
+                description: Disable SSL certificate verification.
+                type: boolean
+              maxIdleConnsPerHost:
+                description: If non-zero, controls the maximum idle (keep-alive) to
+                  keep per-host. If zero, DefaultMaxIdleConnsPerHost is used.
+                type: integer
+              rootCAsSecrets:
+                description: Add cert file for self-signed certificate.
+                items:
+                  type: string
+                type: array
+              serverName:
+                description: ServerName used to contact the server.
+                type: string
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/tlsoptions.yaml

@@ -0,0 +1,87 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: tlsoptions.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: TLSOption
+    listKind: TLSOptionList
+    plural: tlsoptions
+    singular: tlsoption
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: TLSOption is a specification for a TLSOption resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TLSOptionSpec configures TLS for an entry point.
+            properties:
+              cipherSuites:
+                items:
+                  type: string
+                type: array
+              clientAuth:
+                description: ClientAuth defines the parameters of the client authentication
+                  part of the TLS connection, if any.
+                properties:
+                  clientAuthType:
+                    description: ClientAuthType defines the client authentication
+                      type to apply.
+                    enum:
+                    - NoClientCert
+                    - RequestClientCert
+                    - VerifyClientCertIfGiven
+                    - RequireAndVerifyClientCert
+                    type: string
+                  secretNames:
+                    description: SecretName is the name of the referenced Kubernetes
+                      Secret to specify the certificate details.
+                    items:
+                      type: string
+                    type: array
+                type: object
+              curvePreferences:
+                items:
+                  type: string
+                type: array
+              maxVersion:
+                type: string
+              minVersion:
+                type: string
+              preferServerCipherSuites:
+                type: boolean
+              sniStrict:
+                type: boolean
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/tlsstores.yaml

@@ -0,0 +1,64 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: tlsstores.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: TLSStore
+    listKind: TLSStoreList
+    plural: tlsstores
+    singular: tlsstore
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: TLSStore is a specification for a TLSStore resource.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TLSStoreSpec configures a TLSStore resource.
+            properties:
+              defaultCertificate:
+                description: DefaultCertificate holds a secret name for the TLSOption
+                  resource.
+                properties:
+                  secretName:
+                    description: SecretName is the name of the referenced Kubernetes
+                      Secret to specify the certificate details.
+                    type: string
+                required:
+                - secretName
+                type: object
+            required:
+            - defaultCertificate
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/crds/traefikservices.yaml

@@ -0,0 +1,270 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+    "helm.sh/hook": pre-install,pre-upgrade,pre-rollback
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: traefikservices.traefik.containo.us
+spec:
+  group: traefik.containo.us
+  names:
+    kind: TraefikService
+    listKind: TraefikServiceList
+    plural: traefikservices
+    singular: traefikservice
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: TraefikService is the specification for a service (that an IngressRoute
+          refers to) that is usually not a terminal service (i.e. not a pod of servers),
+          as opposed to a Kubernetes Service. That is to say, it usually refers to
+          other (children) services, which themselves can be TraefikServices or Services.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ServiceSpec defines whether a TraefikService is a load-balancer
+              of services or a mirroring service.
+            properties:
+              mirroring:
+                description: Mirroring defines a mirroring service, which is composed
+                  of a main load-balancer, and a list of mirrors.
+                properties:
+                  kind:
+                    enum:
+                    - Service
+                    - TraefikService
+                    type: string
+                  maxBodySize:
+                    format: int64
+                    type: integer
+                  mirrors:
+                    items:
+                      description: MirrorService defines one of the mirrors of a Mirroring
+                        service.
+                      properties:
+                        kind:
+                          enum:
+                          - Service
+                          - TraefikService
+                          type: string
+                        name:
+                          description: Name is a reference to a Kubernetes Service
+                            object (for a load-balancer of servers), or to a TraefikService
+                            object (service load-balancer, mirroring, etc). The differentiation
+                            between the two is specified in the Kind field.
+                          type: string
+                        namespace:
+                          type: string
+                        passHostHeader:
+                          type: boolean
+                        percent:
+                          type: integer
+                        port:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        responseForwarding:
+                          description: ResponseForwarding holds configuration for
+                            the forward of the response.
+                          properties:
+                            flushInterval:
+                              type: string
+                          type: object
+                        scheme:
+                          type: string
+                        serversTransport:
+                          type: string
+                        sticky:
+                          description: Sticky holds the sticky configuration.
+                          properties:
+                            cookie:
+                              description: Cookie holds the sticky configuration based
+                                on cookie.
+                              properties:
+                                httpOnly:
+                                  type: boolean
+                                name:
+                                  type: string
+                                sameSite:
+                                  type: string
+                                secure:
+                                  type: boolean
+                              type: object
+                          type: object
+                        strategy:
+                          type: string
+                        weight:
+                          description: Weight should only be specified when Name references
+                            a TraefikService object (and to be precise, one that embeds
+                            a Weighted Round Robin).
+                          type: integer
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  name:
+                    description: Name is a reference to a Kubernetes Service object
+                      (for a load-balancer of servers), or to a TraefikService object
+                      (service load-balancer, mirroring, etc). The differentiation
+                      between the two is specified in the Kind field.
+                    type: string
+                  namespace:
+                    type: string
+                  passHostHeader:
+                    type: boolean
+                  port:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    x-kubernetes-int-or-string: true
+                  responseForwarding:
+                    description: ResponseForwarding holds configuration for the forward
+                      of the response.
+                    properties:
+                      flushInterval:
+                        type: string
+                    type: object
+                  scheme:
+                    type: string
+                  serversTransport:
+                    type: string
+                  sticky:
+                    description: Sticky holds the sticky configuration.
+                    properties:
+                      cookie:
+                        description: Cookie holds the sticky configuration based on
+                          cookie.
+                        properties:
+                          httpOnly:
+                            type: boolean
+                          name:
+                            type: string
+                          sameSite:
+                            type: string
+                          secure:
+                            type: boolean
+                        type: object
+                    type: object
+                  strategy:
+                    type: string
+                  weight:
+                    description: Weight should only be specified when Name references
+                      a TraefikService object (and to be precise, one that embeds
+                      a Weighted Round Robin).
+                    type: integer
+                required:
+                - name
+                type: object
+              weighted:
+                description: WeightedRoundRobin defines a load-balancer of services.
+                properties:
+                  services:
+                    items:
+                      description: Service defines an upstream to proxy traffic.
+                      properties:
+                        kind:
+                          enum:
+                          - Service
+                          - TraefikService
+                          type: string
+                        name:
+                          description: Name is a reference to a Kubernetes Service
+                            object (for a load-balancer of servers), or to a TraefikService
+                            object (service load-balancer, mirroring, etc). The differentiation
+                            between the two is specified in the Kind field.
+                          type: string
+                        namespace:
+                          type: string
+                        passHostHeader:
+                          type: boolean
+                        port:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        responseForwarding:
+                          description: ResponseForwarding holds configuration for
+                            the forward of the response.
+                          properties:
+                            flushInterval:
+                              type: string
+                          type: object
+                        scheme:
+                          type: string
+                        serversTransport:
+                          type: string
+                        sticky:
+                          description: Sticky holds the sticky configuration.
+                          properties:
+                            cookie:
+                              description: Cookie holds the sticky configuration based
+                                on cookie.
+                              properties:
+                                httpOnly:
+                                  type: boolean
+                                name:
+                                  type: string
+                                sameSite:
+                                  type: string
+                                secure:
+                                  type: boolean
+                              type: object
+                          type: object
+                        strategy:
+                          type: string
+                        weight:
+                          description: Weight should only be specified when Name references
+                            a TraefikService object (and to be precise, one that embeds
+                            a Weighted Round Robin).
+                          type: integer
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  sticky:
+                    description: Sticky holds the sticky configuration.
+                    properties:
+                      cookie:
+                        description: Cookie holds the sticky configuration based on
+                          cookie.
+                        properties:
+                          httpOnly:
+                            type: boolean
+                          name:
+                            type: string
+                          sameSite:
+                            type: string
+                          secure:
+                            type: boolean
+                        type: object
+                    type: object
+                type: object
+            type: object
+        required:
+        - metadata
+        - spec
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

core/traefik/11.2.1/helm-values.md

@@ -0,0 +1,55 @@
+# Default Helm-Values
+
+TrueCharts is primarily build to supply TrueNAS SCALE Apps.
+However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
+
+Most of our Apps also consume our "common" Helm Chart.
+If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
+You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| additionalArguments | list | `["--metrics.prometheus","--ping","--serverstransport.insecureskipverify=true","--providers.kubernetesingress.allowexternalnameservices=true"]` | Additional arguments to be passed at Traefik's binary All available options available on https://docs.traefik.io/reference/static-configuration/cli/ |
+| globalArguments[0] | string | `"--global.checknewversion"` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"tccr.io/truecharts/traefik"` |  |
+| image.tag | string | `"v2.6.3@sha256:fab794392ae3e63eef4009b97dfbd57fda9806b70b36333bc502a0ef72838852"` |  |
+| ingressClass | object | `{"enabled":false,"fallbackApiVersion":"","isDefaultClass":false}` | Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x |
+| ingressRoute | object | `{"dashboard":{"annotations":{},"enabled":true,"labels":{}}}` | Create an IngressRoute for the dashboard |
+| logs | object | `{"access":{"enabled":false,"fields":{"general":{"defaultmode":"keep","names":{}},"headers":{"defaultmode":"drop","names":{}}},"filters":{}},"general":{"level":"ERROR"}}` | Logs https://docs.traefik.io/observability/logs/ |
+| logs.access.fields | object | `{"general":{"defaultmode":"keep","names":{}},"headers":{"defaultmode":"drop","names":{}}}` |  retryattempts: true minduration: 10ms Fields https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers |
+| logs.access.filters | object | `{}` |  To write logs in JSON, use json in the format option. If the given format is unsupported, the default (CLF) is used instead. format: json To write the logs in an asynchronous fashion, specify a bufferingSize option. This option represents the number of log lines Traefik will keep in memory before writing them to the selected output. In some cases, this option can greatly help performances. bufferingSize: 100 Filtering https://docs.traefik.io/observability/access-logs/#filtering |
+| logs.general.level | string | `"ERROR"` |  also ask for the json format in the format option format: json By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. |
+| metrics.prometheus | object | `{"entryPoint":"metrics"}` |    address: 127.0.0.1:8125 influxdb:   address: localhost:8089   protocol: udp |
+| middlewares | object | `{"basicAuth":[],"chain":[],"forwardAuth":[],"ipWhiteList":[],"rateLimit":[],"redirectRegex":[],"redirectScheme":[],"stripPrefixRegex":[]}` | SCALE Middleware Handlers |
+| middlewares.chain | list | `[]` |    address: https://auth.example.com/   authResponseHeaders:     - X-Secret     - X-Auth-User   authRequestHeaders:     - "Accept"     - "X-CustomHeader"   authResponseHeadersRegex: "^X-"   trustForwardHeader: true |
+| middlewares.forwardAuth | list | `[]` |    users:     - username: testuser       password: testpassword |
+| middlewares.ipWhiteList | list | `[]` |    regex: [] |
+| middlewares.rateLimit | list | `[]` |    scheme: https   permanent: true |
+| middlewares.redirectRegex | list | `[]` |    average: 300   burst: 200 |
+| middlewares.redirectScheme | list | `[]` |    middlewares:    - name: compress |
+| middlewares.stripPrefixRegex | list | `[]` |    regex: putregexhere   replacement: replacementurlhere   permanent: false |
+| pilot | object | `{"enabled":false,"token":""}` | Activate Pilot integration |
+| podAnnotations."prometheus.io/path" | string | `"/metrics"` |  |
+| podAnnotations."prometheus.io/port" | string | `"9180"` |  |
+| podAnnotations."prometheus.io/scrape" | string | `"true"` |  |
+| portalhook.enabled | bool | `true` |  |
+| probes.liveness | object | See below | Liveness probe configuration |
+| probes.liveness.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
+| probes.liveness.type | string | "TCP" | sets the probe type when not using a custom probe |
+| probes.readiness | object | See below | Redainess probe configuration |
+| probes.readiness.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
+| probes.readiness.type | string | "TCP" | sets the probe type when not using a custom probe |
+| probes.startup | object | See below | Startup probe configuration |
+| probes.startup.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
+| probes.startup.type | string | "TCP" | sets the probe type when not using a custom probe |
+| providers | object | `{"kubernetesCRD":{"enabled":true,"namespaces":[]},"kubernetesIngress":{"enabled":true,"namespaces":[],"publishedService":{"enabled":true}}}` | Configure providers |
+| providers.kubernetesIngress.publishedService | object | `{"enabled":true}` |  IP used for Kubernetes Ingress endpoints |
+| rbac | object | `{"enabled":true,"rules":[{"apiGroups":[""],"resources":["services","endpoints","secrets"],"verbs":["get","list","watch"]},{"apiGroups":["extensions","networking.k8s.io"],"resources":["ingresses","ingressclasses"],"verbs":["get","list","watch"]},{"apiGroups":["extensions","networking.k8s.io"],"resources":["ingresses/status"],"verbs":["update"]},{"apiGroups":["traefik.containo.us"],"resources":["ingressroutes","ingressroutetcps","ingressrouteudps","middlewares","middlewaretcps","tlsoptions","tlsstores","traefikservices","serverstransports"],"verbs":["get","list","watch"]}]}` | Whether Role Based Access Control objects like roles and rolebindings should be created |
+| service | object | `{"main":{"ports":{"main":{"port":9000,"protocol":"HTTP","targetPort":9000}},"type":"LoadBalancer"},"metrics":{"enabled":true,"ports":{"metrics":{"enabled":true,"port":9180,"protocol":"HTTP","targetPort":9180}},"type":"ClusterIP"},"tcp":{"enabled":true,"ports":{"web":{"enabled":true,"port":9080,"protocol":"HTTP","redirectTo":"websecure"},"websecure":{"enabled":true,"port":9443,"protocol":"HTTPS"}},"type":"LoadBalancer"},"udp":{"enabled":false}}` | Options for the main traefik service, where the entrypoints traffic comes from from. |
+| serviceAccount | object | `{"create":true}` | The service account the pods will use to interact with the Kubernetes API |
+| tlsOptions | object | `{"default":{"cipherSuites":["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305","TLS_AES_128_GCM_SHA256","TLS_AES_256_GCM_SHA384","TLS_CHACHA20_POLY1305_SHA256"],"curvePreferences":["CurveP521","CurveP384"],"minVersion":"VersionTLS12","sniStrict":false}}` | TLS Options to be created as TLSOption CRDs https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options Example: |
+
+All Rights Reserved - The TrueCharts Project

core/traefik/11.2.1/ix_values.yaml

@@ -0,0 +1,339 @@
+image:
+  repository: tccr.io/truecharts/traefik
+  # defaults to appVersion
+  tag: v2.6.6@sha256:8772fcd592d130f68e61778553554c99a791bcf1ab609fdc276e978706048acd
+  pullPolicy: IfNotPresent
+
+# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
+ingressClass:
+  # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
+  enabled: false
+  isDefaultClass: false
+  # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
+  fallbackApiVersion: ""
+
+# -- Activate Pilot integration
+pilot:
+  enabled: false
+  token: ""
+  # Toggle Pilot Dashboard
+  # dashboard: false
+
+# -- Create an IngressRoute for the dashboard
+ingressRoute:
+  dashboard:
+    enabled: true
+    # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
+    annotations: {}
+    # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
+    labels: {}
+
+podAnnotations:
+  prometheus.io/scrape: "true"
+  prometheus.io/path: "/metrics"
+  prometheus.io/port: "9180"
+
+#
+# -- Configure providers
+providers:
+  kubernetesCRD:
+    enabled: true
+    namespaces: []
+      # - "default"
+  kubernetesIngress:
+    enabled: true
+    # labelSelector: environment=production,method=traefik
+    namespaces: []
+      # - "default"
+    # IP used for Kubernetes Ingress endpoints
+    publishedService:
+      enabled: true
+      # Published Kubernetes Service to copy status from. Format: namespace/servicename
+      # By default this Traefik service
+      # pathOverride: ""
+
+# -- Logs
+# https://docs.traefik.io/observability/logs/
+logs:
+  # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
+  general:
+    # By default, the logs use a text format (common), but you can
+    # also ask for the json format in the format option
+    # format: json
+    # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
+    level: ERROR
+  access:
+    # To enable access logs
+    enabled: false
+    # By default, logs are written using the Common Log Format (CLF).
+    # To write logs in JSON, use json in the format option.
+    # If the given format is unsupported, the default (CLF) is used instead.
+    # format: json
+    # To write the logs in an asynchronous fashion, specify a bufferingSize option.
+    # This option represents the number of log lines Traefik will keep in memory before writing
+    # them to the selected output. In some cases, this option can greatly help performances.
+    # bufferingSize: 100
+    # Filtering https://docs.traefik.io/observability/access-logs/#filtering
+    filters: {}
+      # statuscodes: "200,300-302"
+      # retryattempts: true
+      # minduration: 10ms
+    # Fields
+    # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
+    fields:
+      general:
+        defaultmode: keep
+        names: {}
+          # Examples:
+          # ClientUsername: drop
+      headers:
+        defaultmode: drop
+        names: {}
+          # Examples:
+          # User-Agent: redact
+          # Authorization: drop
+          # Content-Type: keep
+
+metrics:
+  # datadog:
+  #   address: 127.0.0.1:8125
+  # influxdb:
+  #   address: localhost:8089
+  #   protocol: udp
+  prometheus:
+    entryPoint: metrics
+  # statsd:
+  #   address: localhost:8125
+
+globalArguments:
+  - "--global.checknewversion"
+
+##
+# -- Additional arguments to be passed at Traefik's binary
+# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
+additionalArguments:
+  - "--metrics.prometheus"
+  - "--ping"
+  - "--serverstransport.insecureskipverify=true"
+  - "--providers.kubernetesingress.allowexternalnameservices=true"
+
+# -- TLS Options to be created as TLSOption CRDs
+# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
+# Example:
+tlsOptions:
+  default:
+    sniStrict: false
+    minVersion: VersionTLS12
+    curvePreferences:
+      - CurveP521
+      - CurveP384
+    cipherSuites:
+      - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+      - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+      - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+      - TLS_AES_128_GCM_SHA256
+      - TLS_AES_256_GCM_SHA384
+      - TLS_CHACHA20_POLY1305_SHA256
+
+# -- Options for the main traefik service, where the entrypoints traffic comes from
+# from.
+service:
+  main:
+    type: LoadBalancer
+    ports:
+      main:
+        port: 9000
+        targetPort: 9000
+        protocol: HTTP
+        # -- Forwarded Headers should never be enabled on Main entrypoint
+        forwardedHeaders:
+          enabled: false
+  tcp:
+    enabled: true
+    type: LoadBalancer
+    ports:
+      web:
+        enabled: true
+        port: 9080
+        protocol: HTTP
+        redirectTo: websecure
+        # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
+        forwardedHeaders:
+          enabled: false
+          # -- List of trusted IP and CIDR references
+          trustedIPs: []
+          # -- Trust all forwarded headers
+          insecureMode: false
+        # Options: Empty, 0 (ingore), or positive int
+        # redirectPort:
+      websecure:
+        enabled: true
+        port: 9443
+        protocol: HTTPS
+        # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
+        forwardedHeaders:
+          enabled: false
+          # -- List of trusted IP and CIDR references
+          trustedIPs: []
+          # -- Trust all forwarded headers
+          insecureMode: false
+#      tcpexample:
+#        enabled: true
+#        targetPort: 9443
+#        protocol: TCP
+#        tls:
+#          enabled: false
+#          # this is the name of a TLSOption definition
+#          options: ""
+#          certResolver: ""
+#          domains: []
+#          # - main: example.com
+#          #   sans:
+#          #     - foo.example.com
+#          #     - bar.example.com
+  metrics:
+    enabled: true
+    type: ClusterIP
+    ports:
+      metrics:
+        enabled: true
+        port: 9180
+        targetPort: 9180
+        protocol: HTTP
+        # -- Forwarded Headers should never be enabled on Metrics entrypoint
+        forwardedHeaders:
+          enabled: false
+  udp:
+    enabled: false
+
+probes:
+  # -- Liveness probe configuration
+  # @default -- See below
+  liveness:
+    # -- sets the probe type when not using a custom probe
+    # @default -- "TCP"
+    type: HTTP
+    # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+    # @default -- "/"
+    path: "/ping"
+
+  # -- Redainess probe configuration
+  # @default -- See below
+  readiness:
+    # -- sets the probe type when not using a custom probe
+    # @default -- "TCP"
+    type: HTTP
+    # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+    # @default -- "/"
+    path: "/ping"
+
+  # -- Startup probe configuration
+  # @default -- See below
+  startup:
+    # -- sets the probe type when not using a custom probe
+    # @default -- "TCP"
+    type: HTTP
+    # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+    # @default -- "/"
+    path: "/ping"
+
+# -- Whether Role Based Access Control objects like roles and rolebindings should be created
+rbac:
+  enabled: true
+  rules:
+    - apiGroups:
+        - ""
+      resources:
+        - services
+        - endpoints
+        - secrets
+      verbs:
+        - get
+        - list
+        - watch
+    - apiGroups:
+        - extensions
+        - networking.k8s.io
+      resources:
+        - ingresses
+        - ingressclasses
+      verbs:
+        - get
+        - list
+        - watch
+    - apiGroups:
+        - extensions
+        - networking.k8s.io
+      resources:
+        - ingresses/status
+      verbs:
+        - update
+    - apiGroups:
+        - traefik.containo.us
+      resources:
+        - ingressroutes
+        - ingressroutetcps
+        - ingressrouteudps
+        - middlewares
+        - middlewaretcps
+        - tlsoptions
+        - tlsstores
+        - traefikservices
+        - serverstransports
+      verbs:
+        - get
+        - list
+        - watch
+
+# -- The service account the pods will use to interact with the Kubernetes API
+serviceAccount:
+  create: true
+
+# -- SCALE Middleware Handlers
+middlewares:
+  basicAuth: []
+  # - name: basicauthexample
+  #   users:
+  #     - username: testuser
+  #       password: testpassword
+  forwardAuth: []
+  # - name: forwardAuthexample
+  #   address: https://auth.example.com/
+  #   authResponseHeaders:
+  #     - X-Secret
+  #     - X-Auth-User
+  #   authRequestHeaders:
+  #     - "Accept"
+  #     - "X-CustomHeader"
+  #   authResponseHeadersRegex: "^X-"
+  #   trustForwardHeader: true
+  chain: []
+  # - name: chainname
+  #   middlewares:
+  #    - name: compress
+  redirectScheme: []
+  # - name: redirectSchemeName
+  #   scheme: https
+  #   permanent: true
+  rateLimit: []
+  # - name: rateLimitName
+  #   average: 300
+  #   burst: 200
+  redirectRegex: []
+  # - name: redirectRegexName
+  #   regex: putregexhere
+  #   replacement: repslacementurlhere
+  #   permanent: false
+  stripPrefixRegex: []
+  # - name: stripPrefixRegexName
+  #   regex: []
+  ipWhiteList: []
+  # - name: ipWhiteListName
+  #   sourceRange: []
+  #   ipStrategy:
+  #     depth: 2
+  #     excludedIPs: []
+
+portalhook:
+  enabled: true

core/traefik/11.2.1/security.md

@@ -0,0 +1,138 @@
+---
+hide:
+  - toc
+---
+
+# Security Overview
+
+<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
+
+## Helm-Chart
+
+##### Scan Results
+
+#### Chart Object: traefik/templates/common.yaml
+
+
+
+| Type         |    Misconfiguration ID   |   Check  |  Severity |                   Explaination                   | Links  |
+|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
+| Kubernetes Security Check         |    KSV001   |   Process can elevate its own privileges  |  MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details>  |
+| Kubernetes Security Check         |    KSV003   |   Default capabilities not dropped  |  LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-traefik&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details>  |
+| Kubernetes Security Check         |    KSV003   |   Default capabilities not dropped  |  LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details>  |
+| Kubernetes Security Check         |    KSV011   |   CPU not limited  |  LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;resources.limits.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details>  |
+| Kubernetes Security Check         |    KSV012   |   Runs as root user  |  MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details>  |
+| Kubernetes Security Check         |    KSV012   |   Runs as root user  |  MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details>  |
+| Kubernetes Security Check         |    KSV014   |   Root file system is not read-only  |  LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details>  |
+| Kubernetes Security Check         |    KSV014   |   Root file system is not read-only  |  LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details>  |
+| Kubernetes Security Check         |    KSV015   |   CPU requests not specified  |  LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;resources.requests.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details>  |
+| Kubernetes Security Check         |    KSV016   |   Memory requests not specified  |  LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;resources.requests.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details>  |
+| Kubernetes Security Check         |    KSV017   |   Privileged container  |  HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details>  |
+| Kubernetes Security Check         |    KSV018   |   Memory not limited  |  LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;resources.limits.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details>  |
+| Kubernetes Security Check         |    KSV020   |   Runs with low user ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;RELEASE-NAME-traefik&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details>  |
+| Kubernetes Security Check         |    KSV020   |   Runs with low user ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details>  |
+| Kubernetes Security Check         |    KSV020   |   Runs with low user ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details>  |
+| Kubernetes Security Check         |    KSV021   |   Runs with low group ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;RELEASE-NAME-traefik&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details>  |
+| Kubernetes Security Check         |    KSV021   |   Runs with low group ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details>  |
+| Kubernetes Security Check         |    KSV021   |   Runs with low group ID  |  MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details>  |
+| Kubernetes Security Check         |    KSV023   |   hostPath volumes mounted  |  MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment &#39;RELEASE-NAME-traefik&#39; should not set &#39;spec.template.volumes.hostPath&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details>  |
+| Kubernetes Security Check         |    KSV029   |   A root primary or supplementary GID set  |  LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-traefik&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details>  |
+
+
+| No Misconfigurations found         |
+|:---------------------------------|
+
+
+
+
+| No Misconfigurations found         |
+|:---------------------------------|
+
+
+
+
+| No Misconfigurations found         |
+|:---------------------------------|
+
+
+
+
+| No Misconfigurations found         |
+|:---------------------------------|
+
+
+
+## Containers
+
+##### Detected Containers
+
+          tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
+          tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
+          tccr.io/truecharts/traefik:v2.6.6@sha256:8772fcd592d130f68e61778553554c99a791bcf1ab609fdc276e978706048acd
+
+##### Scan Results
+
+
+#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
+
+
+**alpine**
+
+
+| Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
+|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+
+
+#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
+
+
+**alpine**
+
+
+| Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
+|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
+| busybox         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| curl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| curl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-22576   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27774   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27776   |   MEDIUM  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| libcurl         |    CVE-2022-27775   |   LOW  |  7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details>  |
+| ssl_client         |    CVE-2022-28391   |   CRITICAL  |  1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details>  |
+| zlib         |    CVE-2018-25032   |   HIGH  |  1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details>  |
+
+
+#### Container: tccr.io/truecharts/traefik:v2.6.6@sha256:8772fcd592d130f68e61778553554c99a791bcf1ab609fdc276e978706048acd (alpine 3.14.6)
+
+
+**alpine**
+
+
+| No Vulnerabilities found         |
+|:---------------------------------|
+
+
+
+**gobinary**
+
+
+| Package         |    Vulnerability   |   Severity  |  Installed Version | Fixed Version |                   Links                   |
+|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
+| github.com/containerd/containerd         |    CVE-2022-23648   |   HIGH  |  v1.5.9 | 1.4.13, 1.5.10, 1.6.1 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html">http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-23648">https://access.redhat.com/security/cve/CVE-2022-23648</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648</a><br><a href="https://github.com/advisories/GHSA-crp2-qrr5-8pq7">https://github.com/advisories/GHSA-crp2-qrr5-8pq7</a><br><a href="https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70">https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70</a><br><a href="https://github.com/containerd/containerd/releases/tag/v1.4.13">https://github.com/containerd/containerd/releases/tag/v1.4.13</a><br><a href="https://github.com/containerd/containerd/releases/tag/v1.5.10">https://github.com/containerd/containerd/releases/tag/v1.5.10</a><br><a href="https://github.com/containerd/containerd/releases/tag/v1.6.1">https://github.com/containerd/containerd/releases/tag/v1.6.1</a><br><a href="https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7">https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7</a><br><a href="https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7.">https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7.</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23648">https://nvd.nist.gov/vuln/detail/CVE-2022-23648</a><br><a href="https://ubuntu.com/security/notices/USN-5311-1">https://ubuntu.com/security/notices/USN-5311-1</a><br><a href="https://www.debian.org/security/2022/dsa-5091">https://www.debian.org/security/2022/dsa-5091</a><br></details>  |
+| github.com/docker/distribution         |    GMS-2022-20   |   UNKNOWN  |  v2.7.1+incompatible | v2.8.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-qq97-vm5h-rrhg">https://github.com/advisories/GHSA-qq97-vm5h-rrhg</a><br><a href="https://github.com/distribution/distribution/commit/b59a6f827947f9e0e67df0cfb571046de4733586">https://github.com/distribution/distribution/commit/b59a6f827947f9e0e67df0cfb571046de4733586</a><br><a href="https://github.com/distribution/distribution/security/advisories/GHSA-qq97-vm5h-rrhg">https://github.com/distribution/distribution/security/advisories/GHSA-qq97-vm5h-rrhg</a><br><a href="https://github.com/opencontainers/image-spec/pull/411">https://github.com/opencontainers/image-spec/pull/411</a><br></details>  |
+| github.com/hashicorp/consul         |    CVE-2022-24687   |   MEDIUM  |  v1.10.4 | 1.9.15, 1.10.8, 1.11.3 | <details><summary>Expand...</summary><a href="https://discuss.hashicorp.com">https://discuss.hashicorp.com</a><br><a href="https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/">https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24687">https://nvd.nist.gov/vuln/detail/CVE-2022-24687</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0006/">https://security.netapp.com/advisory/ntap-20220331-0006/</a><br></details>  |
+| golang.org/x/crypto         |    CVE-2022-27191   |   HIGH  |  v0.0.0-20210616213533-5ff15b29337e | 0.0.0-20220315160706-3147a52a75dd | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27191">https://access.redhat.com/security/cve/CVE-2022-27191</a><br><a href="https://github.com/advisories/GHSA-8c26-wmh5-6g9v">https://github.com/advisories/GHSA-8c26-wmh5-6g9v</a><br><a href="https://groups.google.com/g/golang-announce">https://groups.google.com/g/golang-announce</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s</a><br><a href="https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ">https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27191">https://nvd.nist.gov/vuln/detail/CVE-2022-27191</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0002/">https://security.netapp.com/advisory/ntap-20220429-0002/</a><br></details>  |
+| golang.org/x/text         |    CVE-2021-38561   |   UNKNOWN  |  v0.3.6 | 0.3.7 | <details><summary>Expand...</summary><a href="https://go-review.googlesource.com/c/text/+/340830">https://go-review.googlesource.com/c/text/+/340830</a><br><a href="https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f">https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f</a><br><a href="https://pkg.go.dev/vuln/GO-2021-0113">https://pkg.go.dev/vuln/GO-2021-0113</a><br></details>  |

core/traefik/11.2.1/templates/_args.tpl

@@ -0,0 +1,156 @@
+{{/* Define the args */}}
+{{- define "traefik.args" -}}
+args:
+  {{/* merge all ports */}}
+  {{- $ports := dict }}
+  {{- range $.Values.service }}
+  {{- range $name, $value := .ports }}
+  {{- $_ := set $ports $name $value }}
+  {{- end }}
+  {{- end }}
+  {{/* start of actual arguments */}}
+  {{- with .Values.globalArguments }}
+  {{- range . }}
+  - {{ . | quote }}
+  {{- end }}
+  {{- end }}
+  {{- range $name, $config := $ports }}
+  {{- if $config }}
+  {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
+  {{- $_ := set $config "protocol" "TCP" }}
+  {{- end }}
+  - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
+  {{- end }}
+  {{- end }}
+  - "--api.dashboard=true"
+  - "--ping=true"
+  {{- if .Values.metrics }}
+  {{- if .Values.metrics.datadog }}
+  - "--metrics.datadog=true"
+  - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
+  {{- end }}
+  {{- if .Values.metrics.influxdb }}
+  - "--metrics.influxdb=true"
+  - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
+  - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
+  {{- end }}
+  {{- if .Values.metrics.prometheus }}
+  - "--metrics.prometheus=true"
+  - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
+  {{- end }}
+  {{- if .Values.metrics.statsd }}
+  - "--metrics.statsd=true"
+  - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
+  {{- end }}
+  {{- end }}
+  {{- if .Values.providers.kubernetesCRD.enabled }}
+  - "--providers.kubernetescrd"
+  {{- end }}
+  {{- if .Values.providers.kubernetesIngress.enabled }}
+  - "--providers.kubernetesingress"
+  {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
+  - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
+  {{- end }}
+  {{- if .Values.providers.kubernetesIngress.labelSelector }}
+  - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
+  {{- end }}
+  {{- end }}
+  {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
+  {{- if .Values.providers.kubernetesCRD.enabled }}
+  - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
+  {{- end }}
+  {{- if .Values.providers.kubernetesIngress.enabled }}
+  - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
+  {{- end }}
+  {{- end }}
+  {{- range $entrypoint, $config := $ports }}
+  {{/* add args for forwardedHeaders support */}}
+  {{- if $config.forwardedHeaders.enabled }}
+  {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
+  - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
+  {{- end }}
+  {{- if $config.forwardedHeaders.insecureMode }}
+  - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
+  {{- end }}
+  {{- end }}
+  {{/* end forwardedHeaders configuration */}}
+  {{- if $config.redirectTo }}
+  {{- $toPort := index $ports $config.redirectTo }}
+  - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
+  - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
+  {{- else if $config.redirectPort }}
+  {{ if gt $config.redirectPort 0.0 }}
+  - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
+  - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
+  {{- end }}
+  {{- end }}
+  {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
+  {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
+  - "--entrypoints.{{ $entrypoint }}.http.tls=true"
+  {{- if $config.tls.options }}
+  - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
+  {{- end }}
+  {{- if $config.tls.certResolver }}
+  - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
+  {{- end }}
+  {{- if $config.tls.domains }}
+  {{- range $index, $domain := $config.tls.domains }}
+  {{- if $domain.main }}
+  - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
+  {{- end }}
+  {{- if $domain.sans }}
+  - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
+  {{- end }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.logs }}
+  {{- if .general.format }}
+  - "--log.format={{ .general.format }}"
+  {{- end }}
+  {{- if ne .general.level "ERROR" }}
+  - "--log.level={{ .general.level | upper }}"
+  {{- end }}
+  {{- if .access.enabled }}
+  - "--accesslog=true"
+  {{- if .access.format }}
+  - "--accesslog.format={{ .access.format }}"
+  {{- end }}
+  {{- if .access.bufferingsize }}
+  - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
+  {{- end }}
+  {{- if .access.filters }}
+  {{- if .access.filters.statuscodes }}
+  - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
+  {{- end }}
+  {{- if .access.filters.retryattempts }}
+  - "--accesslog.filters.retryattempts"
+  {{- end }}
+  {{- if .access.filters.minduration }}
+  - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
+  {{- end }}
+  {{- end }}
+  - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
+  {{- range $fieldname, $fieldaction := .access.fields.general.names }}
+  - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
+  {{- end }}
+  - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
+  {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
+  - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
+  {{- end }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.pilot.enabled }}
+  - "--pilot.token={{ .Values.pilot.token }}"
+  {{- end }}
+  {{- if hasKey .Values.pilot "dashboard" }}
+  - "--pilot.dashboard={{ .Values.pilot.dashboard }}"
+  {{- end }}
+  {{- with .Values.additionalArguments }}
+  {{- range . }}
+  - {{ . | quote }}
+  {{- end }}
+  {{- end }}
+{{- end -}}

core/traefik/11.2.1/templates/_helpers.tpl

@@ -0,0 +1,22 @@
+{{/*
+Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
+By convention this will simply use the <namespace>/<service-name> to match the name of the
+service generated.
+Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
+*/}}
+{{- define "providers.kubernetesIngress.publishedServicePath" -}}
+{{- $fullName := include "common.names.fullname" . -}}
+{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
+{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
+{{- print $servicePath | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Construct a comma-separated list of whitelisted namespaces
+*/}}
+{{- define "providers.kubernetesIngress.namespaces" -}}
+{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
+{{- end -}}
+{{- define "providers.kubernetesCRD.namespaces" -}}
+{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
+{{- end -}}

core/traefik/11.2.1/templates/_ingressclass.tpl

@@ -0,0 +1,24 @@
+{{/* Define the ingressClass */}}
+{{- define "traefik.ingressClass" -}}
+---
+{{ if .Values.ingressClass.enabled }}
+  {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
+apiVersion: networking.k8s.io/v1
+  {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
+apiVersion: networking.k8s.io/v1beta1
+  {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
+apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
+  {{- else }}
+  {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
+  {{- end }}
+kind: IngressClass
+metadata:
+  annotations:
+    ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+  name: {{ .Release.Name }}
+spec:
+  controller: traefik.io/ingress-controller
+{{- end }}
+{{- end }}

core/traefik/11.2.1/templates/_ingressroute.tpl

@@ -0,0 +1,25 @@
+{{/* Define the ingressRoute */}}
+{{- define "traefik.ingressRoute" -}}
+{{ if .Values.ingressRoute.dashboard.enabled }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ include "common.names.fullname" . }}-dashboard
+  annotations:
+  {{- with .Values.ingressRoute.dashboard.annotations }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+spec:
+  entryPoints:
+    - main
+  routes:
+  - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
+    kind: Rule
+    services:
+    - name: api@internal
+      kind: TraefikService
+{{ end }}
+{{- end -}}

core/traefik/11.2.1/templates/_portalhook.tpl

@@ -0,0 +1,26 @@
+{{/* Define the portalHook */}}
+{{- define "traefik.portalhook" -}}
+{{- if .Values.portalhook.enabled }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: portalhook
+  namespace: {{ $namespace }}
+data:
+  {{- $ports := dict }}
+  {{- range $.Values.service }}
+  {{- range $name, $value := .ports }}
+  {{- $_ := set $ports $name $value }}
+  {{- end }}
+  {{- end }}
+  {{- range $name, $value := $ports }}
+  {{ $name }}: {{ $value.port | quote }}
+  {{- end }}
+{{- end }}
+{{- end -}}

core/traefik/11.2.1/templates/_tlsoptions.tpl

@@ -0,0 +1,12 @@
+{{/* Define the tlsOptions */}}
+{{- define "traefik.tlsOptions" -}}
+{{- range $name, $config := .Values.tlsOptions }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: TLSOption
+metadata:
+  name: {{ $name }}
+spec:
+  {{- toYaml $config | nindent 2 }}
+{{- end }}
+{{- end -}}

core/traefik/11.2.1/templates/common.yaml

@@ -0,0 +1,24 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "common.setup" . }}
+
+{{- if .Values.metrics }}
+{{- if .Values.metrics.prometheus }}
+{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
+{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
+{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "9180" -}}
+{{- end }}
+{{- end }}
+
+{{- $newArgs :=  (include "traefik.args" . | fromYaml) }}
+{{- $_ := set .Values "newArgs" $newArgs -}}
+{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
+{{- $_ := set .Values "args" $mergedargs -}}
+
+{{- include "traefik.portalhook" . }}
+{{- include "traefik.tlsOptions" . }}
+{{- include "traefik.ingressRoute" . }}
+{{- include "traefik.ingressClass" . }}
+
+
+{{/* Render the templates */}}
+{{ include "common.postSetup" . }}

core/traefik/11.2.1/templates/middlewares/basic-middleware.yaml

@@ -0,0 +1,65 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: compress
+  namespace: {{ $namespace }}
+spec:
+  compress: {}
+---
+# Here, an average of 300 requests per second is allowed.
+# In addition, a burst of 200 requests is allowed.
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: basic-ratelimit
+  namespace: {{ $namespace }}
+spec:
+  rateLimit:
+    average: 600
+    burst: 400
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: basic-secure-headers
+  namespace: {{ $namespace }}
+spec:
+  headers:
+    accessControlAllowMethods:
+      - GET
+      - OPTIONS
+      - HEAD
+      - PUT
+    accessControlMaxAge: 100
+    sslRedirect: true
+    stsSeconds: 63072000
+    # stsIncludeSubdomains: false
+    # stsPreload: false
+    forceSTSHeader: true
+    contentTypeNosniff: true
+    browserXssFilter: true
+    sslForceHost: true
+    referrerPolicy: same-origin
+    customRequestHeaders:
+      X-Forwarded-Proto: "https"
+    customResponseHeaders:
+      X-Robots-Tag: 'none'
+      server: ''
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: chain-basic
+  namespace: {{ $namespace }}
+spec:
+  chain:
+    middlewares:
+    - name: basic-ratelimit
+    - name: basic-secure-headers
+    - name: compress

core/traefik/11.2.1/templates/middlewares/basicauth.yaml

@@ -0,0 +1,34 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
+---
+{{- $users := list }}
+{{ range $index, $userdata := $middlewareData.users }}
+    {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
+{{ end }}
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{printf "%v-%v" $middlewareData.name "secret" }}
+  namespace: {{ $namespace }}
+type: Opaque
+stringData:
+  users: |
+    {{- range $index, $user := $users }}
+    {{ printf "%s" $user }}
+    {{- end }}
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  basicAuth:
+    secret: {{printf "%v-%v" $middlewareData.name "secret" }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/chain.yaml

@@ -0,0 +1,21 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.chain }}
+
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  chain:
+    middlewares:
+      {{ range $index, $middleware := .middlewares }}
+      - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
+      {{ end }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/forwardauth.yaml

@@ -0,0 +1,30 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  forwardAuth:
+    address: {{ $middlewareData.address }}
+    {{- with $middlewareData.authResponseHeaders }}
+    authResponseHeaders:
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with $middlewareData.authRequestHeaders }}
+    authRequestHeaders:
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- if $middlewareData.authResponseHeadersRegex }}
+    authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
+    {{- end }}
+    {{- if $middlewareData.trustForwardHeader }}
+    trustForwardHeader: true
+    {{- end }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/ipwhitelist.yaml

@@ -0,0 +1,33 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
+
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  ipWhiteList:
+    sourceRange:
+      {{- range $middlewareData.sourceRange }}
+      - {{ . }}
+      {{- end }}
+    {{- if $middlewareData.ipStrategy }}
+    ipStrategy:
+      {{- if $middlewareData.ipStrategy.depth }}
+      depth: {{ $middlewareData.ipStrategy.depth }}
+      {{- end }}
+      {{- if $middlewareData.ipStrategy.excludedIPs }}
+      excludedIPs:
+        {{- range $middlewareData.ipStrategy.excludedIPs }}
+        - {{ . }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/ratelimit.yaml

@@ -0,0 +1,19 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
+
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  rateLimit:
+    average: {{ $middlewareData.average }}
+    burst: {{ $middlewareData.burst }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/redirectScheme.yaml

@@ -0,0 +1,19 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
+
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  redirectScheme:
+    scheme: {{ $middlewareData.scheme }}
+    permanent: {{ $middlewareData.permanent }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/redirectregex.yaml

@@ -0,0 +1,20 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
+
+---
+# Declaring the user list
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  redirectRegex:
+    regex: {{ $middlewareData.regex | quote }}
+    replacement: {{ $middlewareData.replacement | quote }}
+    permanent: {{ $middlewareData.permanent }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/stripPrefixRegex.yaml

@@ -0,0 +1,20 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+
+{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ $middlewareData.name }}
+  namespace: {{ $namespace }}
+spec:
+  stripPrefixRegex:
+    regex:
+     {{- range $middlewareData.regex }}
+      - {{ . | quote }}
+     {{- end }}
+{{ end }}

core/traefik/11.2.1/templates/middlewares/tc-chains.yaml

@@ -0,0 +1,29 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: tc-opencors-chain
+  namespace: {{ $namespace }}
+spec:
+  chain:
+    middlewares:
+    - name: basic-ratelimit
+    - name: tc-opencors-headers
+    - name: compress
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: tc-closedcors-chain
+  namespace: {{ $namespace }}
+spec:
+  chain:
+    middlewares:
+    - name: basic-ratelimit
+    - name: tc-closedcors-headers
+    - name: compress

core/traefik/11.2.1/templates/middlewares/tc-headers.yaml

@@ -0,0 +1,64 @@
+{{- $values := .Values }}
+{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
+{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
+{{- $namespace = "default" }}
+{{- end }}
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: tc-opencors-headers
+  namespace: {{ $namespace }}
+spec:
+  headers:
+    accessControlAllowHeaders:
+    - '*'
+    accessControlAllowMethods:
+    - GET
+    - OPTIONS
+    - HEAD
+    - PUT
+    - POST
+    accessControlAllowOriginList:
+    - '*'
+    accessControlMaxAge: 100
+    browserXssFilter: true
+    contentTypeNosniff: true
+    customRequestHeaders:
+      X-Forwarded-Proto: https
+    customResponseHeaders:
+      X-Robots-Tag: none
+      server: ""
+    forceSTSHeader: true
+    referrerPolicy: same-origin
+    sslForceHost: true
+    sslRedirect: true
+    stsSeconds: 63072000
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: tc-closedcors-headers
+  namespace: {{ $namespace }}
+spec:
+  headers:
+    accessControlAllowMethods:
+      - GET
+      - OPTIONS
+      - HEAD
+      - PUT
+    accessControlMaxAge: 100
+    sslRedirect: true
+    stsSeconds: 63072000
+    # stsIncludeSubdomains: false
+    # stsPreload: false
+    forceSTSHeader: true
+    contentTypeNosniff: true
+    browserXssFilter: true
+    sslForceHost: true
+    referrerPolicy: same-origin
+    customRequestHeaders:
+      X-Forwarded-Proto: "https"
+    customResponseHeaders:
+      X-Robots-Tag: 'none'
+      server: ''