fix: add missing apt deps and address high-severity sandbox image vulnerabilities#22
Closed
fix: add missing apt deps and address high-severity sandbox image vulnerabilities#22
Conversation
These packages are required for VS Code and Cursor remote SSH connections to function properly (SFTP file transfer, process inspection).
- base: force-upgrade tar@7.5.11 to fix 6 CVEs (GHSA-qffp, GHSA-9ppj, GHSA-8qq5, GHSA-r6q2, GHSA-34x7, GHSA-83g3) - openclaw: pin openclaw@2026.3.7 to fix auth material leak and cross-origin header forwarding (GHSA-rchv, GHSA-6mgf) - nemoclaw: force-upgrade @hono/node-server@1.19.11 to fix authorization bypass via encoded slashes (GHSA-wc8c)
drew
added a commit
that referenced
this pull request
Mar 12, 2026
Incorporates changes from PR #22: - openssh-sftp-server and procps are required for VS Code / Cursor remote SSH connections (SFTP file transfer, process inspection) - tar@7.5.11 in the base image fixes 6 CVEs at the earliest layer
drew
added a commit
that referenced
this pull request
Mar 12, 2026
* chore: upgrade Python to 3.13, openclaw to 2026.3.11, and fix transitive tar vulnerabilities - base: replace Ubuntu Noble's Python 3.12 with Python 3.13 from deadsnakes PPA - openclaw: pin openclaw@2026.3.11 to fix GHSA-5wcw-8jjv-m286 (WebSocket hijacking) - nemoclaw: force-upgrade nested tar copies to 7.5.11 (GHSA-qffp-2rhf-9h96 et al.) * fix: pin @hono/node-server@1.19.11 to fix authorization bypass (GHSA-wc8c-qw6v-h7f6) * chore: add openssh-sftp-server, procps, and tar@7.5.11 to base image Incorporates changes from PR #22: - openssh-sftp-server and procps are required for VS Code / Cursor remote SSH connections (SFTP file transfer, process inspection) - tar@7.5.11 in the base image fixes 6 CVEs at the earliest layer * fix: drop npm internal tar update that fails on missing @npmcli/docs npm's bundled node_modules cannot be safely updated via --prefix; the update resolves @npmcli/docs@^1.0.0 which does not exist on the registry. The global tar@7.5.11 install and the openclaw-scoped update are sufficient.
factory-octavian
pushed a commit
to factory-octavian/OpenShell-Community
that referenced
this pull request
Apr 1, 2026
…as claude, outlook, etc (!23) ## Summary - Add `Provider` entity for managing 3p deps from a sandbox - Add provider CRUD API/server persistence and new CLI workflows (`nav provider create/get/list/update/delete`), including `--from-existing` laptop discovery. - Integrate providers into sandbox create flow: infer from command (`-- claude`), support repeatable `--provider <type>`, prompt before auto-create, and allow manual in-sandbox setup. - Add a dedicated `navigator-providers` crate with per-provider modules and mockable discovery test helpers. ## Key UX Changes - `nav sandbox create --provider gitlab -- claude` - Missing provider prompt now asks before creating from local state. - `nav provider list --names` for scripting/cleanup. ## Test Plan - `mise run cluster:deploy` - `mise run test:e2e:sandbox` - `mise run pre-commit` Closes NVIDIA#19 Closes NVIDIA#22 Closes NVIDIA#11
factory-octavian
pushed a commit
to factory-octavian/OpenShell-Community
that referenced
this pull request
Apr 1, 2026
…ifecycle cleanup (#182) * fix(security): add SSH session token expiry, connection limits, and lifecycle cleanup Closes NVIDIA#22 SSH session tokens previously had no TTL and remained valid indefinitely. This adds configurable token expiry (default 24h), per-token (10) and per-sandbox (20) concurrent connection limits, session cleanup on sandbox deletion, and a background reaper for expired/revoked sessions. * fix(security): lower per-token concurrent connection limit from 10 to 3 --------- Co-authored-by: John Myers <johntmyers@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
openssh-sftp-serverandprocpsto the base sandbox image (required for VS Code / Cursor remote SSH)Vulnerability Scan Disposition
quinn-proto@hono/node-servernemoclaw/Dockerfile@hono/node-server@1.19.11.openclawopenclaw/Dockerfileopenclaw@2026.3.7.openclawopenclaw/Dockerfiletarbase/Dockerfiletar@7.5.11.tarbase/Dockerfiletarbase/Dockerfiletar@7.5.11supersedes all prior fix versions.tarbase/Dockerfiletarbase/Dockerfiletarbase/Dockerfileghbase/DockerfileNot addressable in this repo
quinn-protoghChanges
sandboxes/base/Dockerfileopenssh-sftp-serverandprocpsapt packagesnpm install -g tar@7.5.11after Node.js install (fixes 6 tar CVEs)sandboxes/openclaw/Dockerfileopenclaw@2026.3.7(fixes 2 openclaw CVEs: auth material leak + cross-origin header forwarding)sandboxes/nemoclaw/Dockerfilenpm install -g @hono/node-server@1.19.11(fixes authorization bypass via encoded slashes)