From 37cd9b8ca2ada4314356dbb5a8f44b857110c44b Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Sat, 28 Jan 2023 03:24:12 +0000 Subject: [PATCH] [Snyk] Security upgrade amazonlinux from latest to 2 (#2310) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. #### Changes included in this PR - src/testfiles/otel_daemon/Dockerfile We recommend upgrading to `amazonlinux:2`, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: | Severity | Issue | Exploit Maturity | | :------: | :---- | :--------------- | | ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | Integer Overflow or Wraparound
[SNYK-AMZN2-KRB5LIBS-3244096](https://snyk.io/vuln/SNYK-AMZN2-KRB5LIBS-3244096) | No Known Exploit | | ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | Out-of-bounds Write
[SNYK-AMZN2-VIMDATA-3244105](https://snyk.io/vuln/SNYK-AMZN2-VIMDATA-3244105) | No Known Exploit | | ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | Out-of-bounds Write
[SNYK-AMZN2-VIMMINIMAL-3244088](https://snyk.io/vuln/SNYK-AMZN2-VIMMINIMAL-3244088) | No Known Exploit | --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._ For more information: 🧐 [View latest project report](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr/settings) [//]: # 'snyk:metadata:{"prId":"2b57a20d-47ea-4612-88f0-3248edceb33e","prPublicId":"2b57a20d-47ea-4612-88f0-3248edceb33e","dependencies":[{"name":"amazonlinux","from":"latest","to":"2"}],"packageManager":"dockerfile","projectPublicId":"70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4","projectUrl":"https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMMINIMAL-3244088","SNYK-AMZN2-VIMDATA-3244105"],"upgrade":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMDATA-3244105","SNYK-AMZN2-VIMMINIMAL-3244088"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title"],"priorityScoreList":[null,null,null]}' --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr) --- src/testfiles/otel_daemon/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/testfiles/otel_daemon/Dockerfile b/src/testfiles/otel_daemon/Dockerfile index 85afeb757..89b956905 100644 --- a/src/testfiles/otel_daemon/Dockerfile +++ b/src/testfiles/otel_daemon/Dockerfile @@ -1,4 +1,4 @@ -FROM amazonlinux +FROM amazonlinux:2 RUN yum install -y unzip RUN curl -o daemon.zip https://s3.us-east-2.amazonaws.com/aws-xray-assets.us-east-2/xray-daemon/aws-xray-daemon-linux-3.x.zip RUN unzip daemon.zip && cp xray /usr/bin/xray