From d46bb5daf6c30f1b4ec06c17730ce33f22dbbb65 Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Wed, 15 Jun 2022 15:14:18 +0000 Subject: [PATCH] Commit new App releases for TrueCharts Signed-off-by: TrueCharts-Bot --- incubator/awesome-ttrss/0.0.1/CHANGELOG.md | 6 --- incubator/awesome-ttrss/0.0.2/CHANGELOG.md | 14 +++++ .../awesome-ttrss/{0.0.1 => 0.0.2}/Chart.lock | 2 +- .../awesome-ttrss/{0.0.1 => 0.0.2}/Chart.yaml | 2 +- .../awesome-ttrss/{0.0.1 => 0.0.2}/README.md | 0 .../{0.0.1 => 0.0.2}/app-readme.md | 0 .../charts/common-10.0.10.tgz | Bin .../charts/postgresql-8.0.7.tgz | Bin .../{0.0.1 => 0.0.2}/ix_values.yaml | 0 .../{0.0.1 => 0.0.2}/questions.yaml | 6 +-- .../{0.0.1 => 0.0.2}/security.md | 49 ++++++++---------- .../{0.0.1 => 0.0.2}/templates/common.yaml | 0 .../{0.0.1 => 0.0.2}/values.yaml | 0 13 files changed, 42 insertions(+), 37 deletions(-) delete mode 100644 incubator/awesome-ttrss/0.0.1/CHANGELOG.md create mode 100644 incubator/awesome-ttrss/0.0.2/CHANGELOG.md rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/Chart.lock (85%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/Chart.yaml (98%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/README.md (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/app-readme.md (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/charts/common-10.0.10.tgz (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/charts/postgresql-8.0.7.tgz (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/ix_values.yaml (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/questions.yaml (99%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/security.md (99%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/templates/common.yaml (100%) rename incubator/awesome-ttrss/{0.0.1 => 0.0.2}/values.yaml (100%) diff --git a/incubator/awesome-ttrss/0.0.1/CHANGELOG.md b/incubator/awesome-ttrss/0.0.1/CHANGELOG.md deleted file mode 100644 index 4d92fb172f2..00000000000 --- a/incubator/awesome-ttrss/0.0.1/CHANGELOG.md +++ /dev/null @@ -1,6 +0,0 @@ -# Changelog
- - - -### awesome-ttrss-0.0.1 (2022-06-15) - diff --git a/incubator/awesome-ttrss/0.0.2/CHANGELOG.md b/incubator/awesome-ttrss/0.0.2/CHANGELOG.md new file mode 100644 index 00000000000..c90a80d23d3 --- /dev/null +++ b/incubator/awesome-ttrss/0.0.2/CHANGELOG.md @@ -0,0 +1,14 @@ +# Changelog
+ + + +### [awesome-ttrss-0.0.2](https://github.com/truecharts/apps/compare/awesome-ttrss-0.0.1...awesome-ttrss-0.0.2) (2022-06-15) + +#### Fix + +* fix question ([#2902](https://github.com/truecharts/apps/issues/2902)) + + + + +### awesome-ttrss-0.0.1 (2022-06-15) diff --git a/incubator/awesome-ttrss/0.0.1/Chart.lock b/incubator/awesome-ttrss/0.0.2/Chart.lock similarity index 85% rename from incubator/awesome-ttrss/0.0.1/Chart.lock rename to incubator/awesome-ttrss/0.0.2/Chart.lock index 860fcfb835b..03745b73af4 100644 --- a/incubator/awesome-ttrss/0.0.1/Chart.lock +++ b/incubator/awesome-ttrss/0.0.2/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.truecharts.org/ version: 8.0.7 digest: sha256:2b4c13c14e572773165d89a3f24c637b85e6f0350c73bb5ee029464a014327d6 -generated: "2022-06-15T10:17:44.532775992Z" +generated: "2022-06-15T15:08:40.659590843Z" diff --git a/incubator/awesome-ttrss/0.0.1/Chart.yaml b/incubator/awesome-ttrss/0.0.2/Chart.yaml similarity index 98% rename from incubator/awesome-ttrss/0.0.1/Chart.yaml rename to incubator/awesome-ttrss/0.0.2/Chart.yaml index 28be84b8546..7ef8dc3bdc0 100644 --- a/incubator/awesome-ttrss/0.0.1/Chart.yaml +++ b/incubator/awesome-ttrss/0.0.2/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "latest-202" description: Awesome TTRSS aims to provide a powerful Dockerized all-in-one solution for Tiny Tiny RSS name: awesome-ttrss -version: 0.0.1 +version: 0.0.2 kubeVersion: ">=1.16.0-0" keywords: - tt-rss diff --git a/incubator/awesome-ttrss/0.0.1/README.md b/incubator/awesome-ttrss/0.0.2/README.md similarity index 100% rename from incubator/awesome-ttrss/0.0.1/README.md rename to incubator/awesome-ttrss/0.0.2/README.md diff --git a/incubator/awesome-ttrss/0.0.1/app-readme.md b/incubator/awesome-ttrss/0.0.2/app-readme.md similarity index 100% rename from incubator/awesome-ttrss/0.0.1/app-readme.md rename to incubator/awesome-ttrss/0.0.2/app-readme.md diff --git a/incubator/awesome-ttrss/0.0.1/charts/common-10.0.10.tgz b/incubator/awesome-ttrss/0.0.2/charts/common-10.0.10.tgz similarity index 100% rename from incubator/awesome-ttrss/0.0.1/charts/common-10.0.10.tgz rename to incubator/awesome-ttrss/0.0.2/charts/common-10.0.10.tgz diff --git a/incubator/awesome-ttrss/0.0.1/charts/postgresql-8.0.7.tgz b/incubator/awesome-ttrss/0.0.2/charts/postgresql-8.0.7.tgz similarity index 100% rename from incubator/awesome-ttrss/0.0.1/charts/postgresql-8.0.7.tgz rename to incubator/awesome-ttrss/0.0.2/charts/postgresql-8.0.7.tgz diff --git a/incubator/awesome-ttrss/0.0.1/ix_values.yaml b/incubator/awesome-ttrss/0.0.2/ix_values.yaml similarity index 100% rename from incubator/awesome-ttrss/0.0.1/ix_values.yaml rename to incubator/awesome-ttrss/0.0.2/ix_values.yaml diff --git a/incubator/awesome-ttrss/0.0.1/questions.yaml b/incubator/awesome-ttrss/0.0.2/questions.yaml similarity index 99% rename from incubator/awesome-ttrss/0.0.1/questions.yaml rename to incubator/awesome-ttrss/0.0.2/questions.yaml index 80e72d03589..5c4e02f7abd 100644 --- a/incubator/awesome-ttrss/0.0.1/questions.yaml +++ b/incubator/awesome-ttrss/0.0.2/questions.yaml @@ -176,9 +176,9 @@ questions: additional_attrs: true type: dict attrs: - - variable: TTRSS_SELF_URL_PATH - label: "TTRSS_SELF_URL_PATH" - description: "Sets the TTRSS_SELF_URL_PATH env var" + - variable: SELF_URL_PATH + label: "SELF_URL_PATH" + description: "Sets the SELF_URL_PATH env var" schema: type: string default: "" diff --git a/incubator/awesome-ttrss/0.0.1/security.md b/incubator/awesome-ttrss/0.0.2/security.md similarity index 99% rename from incubator/awesome-ttrss/0.0.1/security.md rename to incubator/awesome-ttrss/0.0.2/security.md index b43efb4cfdb..36edf76d440 100644 --- a/incubator/awesome-ttrss/0.0.1/security.md +++ b/incubator/awesome-ttrss/0.0.2/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: awesome-ttrss/charts/postgresql/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'autopermissions' of StatefulSet 'RELEASE-NAME-postgresql' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| @@ -30,7 +30,7 @@ hide: | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of StatefulSet 'RELEASE-NAME-postgresql' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

StatefulSet 'RELEASE-NAME-postgresql' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| - + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'autopermissions' of Deployment 'RELEASE-NAME-awesome-ttrss' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| @@ -66,11 +66,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| @@ -87,11 +87,11 @@ hide: #### Container: tccr.io/truecharts/postgresql:v14.3.0@sha256:5a7765edadb738a56757590d843417861d27628cf56fefb25e30870f5e047620 (debian 11.3) - + **debian** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apt | CVE-2011-3374 | LOW | 2.2.4 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| @@ -223,15 +223,15 @@ hide: **jar** - + | No Vulnerabilities found | |:---------------------------------| - + **gobinary** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | github.com/opencontainers/runc | CVE-2021-43784 | MEDIUM | v1.0.1 | v1.0.3 |
Expand...https://access.redhat.com/security/cve/CVE-2021-43784
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43784
| @@ -239,11 +239,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| @@ -260,11 +260,11 @@ hide: #### Container: tccr.io/truecharts/postgresql:v14.3.0@sha256:5a7765edadb738a56757590d843417861d27628cf56fefb25e30870f5e047620 (debian 11.3) - + **debian** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apt | CVE-2011-3374 | LOW | 2.2.4 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| @@ -396,15 +396,15 @@ hide: **jar** - + | No Vulnerabilities found | |:---------------------------------| - + **gobinary** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | github.com/opencontainers/runc | CVE-2021-43784 | MEDIUM | v1.0.1 | v1.0.3 |
Expand...https://access.redhat.com/security/cve/CVE-2021-43784
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43784
| @@ -412,11 +412,11 @@ hide: #### Container: wangqiru/ttrss:latest-2022-04-19@sha256:08c55163614f2b3307d6916b1fde725f5a8606b10856c6af0f6bc2f52f9d4347 (alpine 3.15.4) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | curl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| @@ -437,24 +437,21 @@ hide: **node-pkg** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | dojo | CVE-2021-23450 | HIGH | 1.16.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-23450
https://github.com/advisories/GHSA-m8gw-hjpr-rjv7
https://github.com/dojo/dojo/blob/4c39c14349408fc8274e19b399ffc660512ed07c/_base/lang.js%23L172
https://nvd.nist.gov/vuln/detail/CVE-2021-23450
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2313036
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2313035
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBDOJO-2313034
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2313033
https://snyk.io/vuln/SNYK-JS-DOJO-1535223
https://www.oracle.com/security-alerts/cpuapr2022.html
| **composer** - + | No Vulnerabilities found | |:---------------------------------| - + **composer** - + | No Vulnerabilities found | |:---------------------------------| - - - diff --git a/incubator/awesome-ttrss/0.0.1/templates/common.yaml b/incubator/awesome-ttrss/0.0.2/templates/common.yaml similarity index 100% rename from incubator/awesome-ttrss/0.0.1/templates/common.yaml rename to incubator/awesome-ttrss/0.0.2/templates/common.yaml diff --git a/incubator/awesome-ttrss/0.0.1/values.yaml b/incubator/awesome-ttrss/0.0.2/values.yaml similarity index 100% rename from incubator/awesome-ttrss/0.0.1/values.yaml rename to incubator/awesome-ttrss/0.0.2/values.yaml