From 2b2614a3d49f884f25df2423f23113f5fb2a2e6b Mon Sep 17 00:00:00 2001 
From: Ivan Rimac Date: Tue, 20 Apr 2021 00:21:02 +0200 Subject: [PATCH 1/2] fix Dockerfile for 16.04; add support for 18.04 and 20.04; cleanup --- contrib/docker/Dockerfile | 120 -- contrib/docker/Dockerfile-ubuntu-16.04 | 129 ++ contrib/docker/Dockerfile-ubuntu-18.04 | 129 ++ contrib/docker/Dockerfile-ubuntu-20.04 | 130 ++ contrib/docker/docs/config.md | 8 +- contrib/docker/docs/readme.md | 10 +- contrib/docker/image-vulnerability-report.txt | 1400 ----------------- contrib/docker/scripts/stealth_init.mine | 26 - contrib/docker/scripts/stealth_oneshot.mine | 19 - contrib/docker/test/README.md | 18 - contrib/docker/test/config.sh | 12 - contrib/docker/test/run.sh | 202 --- contrib/docker/test/tests/docker-build.sh | 39 - contrib/docker/test/tests/image-name.sh | 10 - .../test/tests/rpcpassword/container.sh | 26 - contrib/docker/test/tests/rpcpassword/run.sh | 1 - .../test/tests/run-bash-in-container.sh | 7 - contrib/docker/test/tests/run-in-container.sh | 46 - 18 files changed, 397 insertions(+), 1935 deletions(-) delete mode 100644 contrib/docker/Dockerfile create mode 100644 contrib/docker/Dockerfile-ubuntu-16.04 create mode 100644 contrib/docker/Dockerfile-ubuntu-18.04 create mode 100644 contrib/docker/Dockerfile-ubuntu-20.04 delete mode 100644 contrib/docker/image-vulnerability-report.txt delete mode 100644 contrib/docker/scripts/stealth_init.mine delete mode 100644 contrib/docker/scripts/stealth_oneshot.mine delete mode 100644 contrib/docker/test/README.md delete mode 100644 contrib/docker/test/config.sh delete mode 100755 contrib/docker/test/run.sh delete mode 100755 contrib/docker/test/tests/docker-build.sh delete mode 100755 contrib/docker/test/tests/image-name.sh delete mode 100644 contrib/docker/test/tests/rpcpassword/container.sh delete mode 120000 contrib/docker/test/tests/rpcpassword/run.sh delete mode 100755 contrib/docker/test/tests/run-bash-in-container.sh delete mode 100755 contrib/docker/test/tests/run-in-container.sh 
diff --git a/contrib/docker/Dockerfile b/contrib/docker/Dockerfile
deleted file mode 100644
index 2090996..0000000
--- a/contrib/docker/Dockerfile
+++ /dev/null
@@ -1,120 +0,0 @@ -## TODO: Pin versions in apt get install -## TODO: make the final container non-root? - -#### BUILD STAGE #### -FROM ubuntu:xenial as build -LABEL maintainer="Ivan Rimac " - -# add bitcoin repo so we can install all dependencies -RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C70EF1F0305A1ADB9986DBD8D46F45428842CE5E && \ - echo "deb http://ppa.launchpad.net/bitcoin/bitcoin/ubuntu xenial main" > /etc/apt/sources.list.d/bitcoin.list - -# install dependencies -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - cmake \ - build-essential \ - libssl-dev \ - ibdb4.8-dev \ - libdb4.8++-dev \ - libboost-all-dev \ - libqrencode-dev \ - libevent-dev \ - && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - - -# change workdir to dedicated workspace -WORKDIR /stealth - -# fetch the compressed source of stealth -ADD https://github.com/StealthSend/Stealth/archive/qpos-3.0.tar.gz . - -# unpack the source of stealth -RUN tar xvzf ./*qpos-3.0*.tar.gz - -# clean up after -RUN mv ./Stealth-*/* . 
-RUN rm -Rf ./Stealth-* ./*qpos-3.0*.tar.gz - -# change the workdir to source of stealth -WORKDIR /stealth/src - -# build stealth from source -RUN make -f makefile.unix - -# change to main workspace -WORKDIR /stealth - -# copy built binary to local bin directory -RUN cp /stealth/src/StealthCoind /usr/local/bin - -# grab gosu for easy step-down from root -ENV GOSU_VERSION 1.11 -RUN set -x \ - && apt-get update && apt-get install -y --no-install-recommends \ - ca-certificates \ - wget \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ - && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ - && export GNUPGHOME="$(mktemp -d)" \ - && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ - && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ - && chmod +x /usr/local/bin/gosu \ - && gosu nobody true \ - && apt-get purge -y \ - ca-certificates \ - wget \ - && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - -# move repo binaries to local bin directory -COPY ./scripts /usr/local/bin -COPY docker-entrypoint.sh /usr/local/bin/ - -# make them executable -RUN chmod -R +x /usr/local/bin - -#### FINAL STAGE #### -FROM phusion/baseimage:0.10.2 - -ARG USER_ID -ARG GROUP_ID - -ENV HOME /stealth - -# add user with specified (or default) user/group ids -ENV USER_ID ${USER_ID:-1000} -ENV GROUP_ID ${GROUP_ID:-1000} - -# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added -RUN groupadd -g ${GROUP_ID} stealth \ - && useradd -u ${USER_ID} -g stealth -s /bin/bash -m -d /stealth stealth - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - libevent-dev \ - ca-certificates \ - wget \ - p7zip-full \ - && 
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - -# change to main workspace -WORKDIR /stealth - -# copy binaries from build stage -COPY --from=build /usr/local/bin /bin - -# create a volume for external configuration and blockchain data -VOLUME ["/stealth"] - -# change ownership of the working directory -RUN chown -R stealth:stealth /stealth - -# expose p2p and rpc ports -EXPOSE 4437 4438 46502 46503 - -# leave entrypoint for extra commands to run -ENTRYPOINT ["docker-entrypoint.sh"] - -# main command to run when container starts -CMD ["stealth_oneshot"] diff --git a/contrib/docker/Dockerfile-ubuntu-16.04 b/contrib/docker/Dockerfile-ubuntu-16.04 new file mode 100644 index 0000000..b81e499 --- /dev/null +++ b/contrib/docker/Dockerfile-ubuntu-16.04 
@@ -0,0 +1,129 @@ +FROM ubuntu:16.04 as build + +# install bulk of dependencies +RUN apt-get update \ + && apt-get upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + wget vim-common jq ca-certificates git cmake autoconf build-essential \ + openssl libssl-dev doxygen libncurses5-dev \ + libreadline6 libreadline6-dev zlib1g-dev \ + tcsh libbz2-dev libtool \ + libssl-dev libprotobuf-dev \ + protobuf-compiler pkg-config p7zip-full \ + libcurl4-openssl-dev unzip curl python-dev \ + libxml2-dev libxslt-dev libkrb5-dev + +# install BDB and LibEvent +ENV HOME /root +RUN cd \ + && mkdir -p ${HOME}/Deps/bdb \ + && cd ${HOME}/Deps/bdb \ + && wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz \ + && echo '12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz' | sha256sum -c \ + && tar xvf db-4.8.30.NC.tar.gz \ + && cd db-4.8.30.NC/build_unix/ \ + && ../dist/configure --disable-shared --enable-cxx --with-pic --prefix=/usr/local \ + && make -j2 \ + && make install + +# install libevent +RUN apt-get install -y --no-install-recommends libevent-dev + +# set key environment variables +ENV DEPS ${HOME}/Deps +RUN cd ${DEPS} +ENV XSTDIR ${DEPS}/stealth +ENV XST_BRANCH qpos-3.0 + +# build boost +ENV BOOSTR 1 +ENV BOOSTS 65 +ENV BOOSTM 1 +ENV BOOSTP ${BOOSTR}_${BOOSTS}_${BOOSTM} +ENV BOOSTV ${BOOSTR}.${BOOSTS}.${BOOSTM} +ENV BUILDDIR build-xst +ENV BOOST_ROOT ${DEPS}/boost/boost-xst + +RUN mkdir -p ${DEPS}/boost \ + && wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2 \ + && tar xvf boost_${BOOSTP}.tar.bz2 \ + && mkdir -p ${BOOST_ROOT} \ + && cd boost_${BOOSTP} \ + && ./bootstrap.sh \ + && ./b2 --prefix=$BOOST_ROOT --build-dir=${BUILDDIR} link=static install + +# build the stealth client +ENV BOOST_LIB_PATH ${BOOST_ROOT}/lib +ENV BOOST_INCLUDE_PATH ${BOOST_ROOT}/include +ENV BOOST_LIB_SUFFIX "" + +RUN mkdir -p ${XSTDIR} \ + && cd ${XSTDIR} \ + && git clone 
https://github.com/StealthSend/Stealth.git \ + && cd Stealth/src \ + && git checkout ${XST_BRANCH} \ + && make -f makefile.unix \ + && cp StealthCoind /usr/local/bin/StealthCoind + +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.11 +RUN set -x \ + && apt-get update \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ + && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ + && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ + && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# move repo binaries to local bin directory +COPY ./scripts /usr/local/bin +COPY docker-entrypoint.sh /usr/local/bin/ + +# make them executable +RUN chmod -R +x /usr/local/bin + +#### FINAL STAGE #### +FROM phusion/baseimage:0.10.2 + +ARG USER_ID +ARG GROUP_ID + +ENV HOME /stealth + +# add user with specified (or default) user/group ids +ENV USER_ID ${USER_ID:-1000} +ENV GROUP_ID ${GROUP_ID:-1000} + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN groupadd -g ${GROUP_ID} stealth \ + && useradd -u ${USER_ID} -g stealth -s /bin/bash -m -d /stealth stealth + +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + libevent-dev ca-certificates wget p7zip-full \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# change to main workspace +WORKDIR /stealth + +# copy binaries from build stage +COPY --from=build /usr/local/bin /bin + +# create a volume for external configuration and blockchain data +VOLUME ["/stealth"] 
+ +# change ownership of the working directory +RUN chown -R stealth:stealth /stealth + +# expose p2p and rpc ports +EXPOSE 4437 4438 46502 46503 + +# leave entrypoint for extra commands to run +ENTRYPOINT ["docker-entrypoint.sh"] + +# main command to run when container starts +CMD ["stealth_oneshot"] diff --git a/contrib/docker/Dockerfile-ubuntu-18.04 b/contrib/docker/Dockerfile-ubuntu-18.04 new file mode 100644 index 0000000..f8e4a56 --- /dev/null +++ b/contrib/docker/Dockerfile-ubuntu-18.04 
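Review bot: In Dockerfile-ubuntu-16.04 the Boost tarball fetched by `wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2` is unpacked and built without any integrity check, although the Berkeley DB download a few lines earlier is gated by `sha256sum -c`. Everything that gets linked into StealthCoind should be verified the same way, so I would add `&& echo "<sha256 of boost_1_65_1.tar.bz2>  boost_${BOOSTP}.tar.bz2" | sha256sum -c - \` between the `wget` and the `tar xvf`, with the digest taken from a source you trust. The same unverified download is in the Dockerfile-ubuntu-18.04 and Dockerfile-ubuntu-20.04 hunks. Note also that `RUN cd ${DEPS}` does not carry into later layers, so this RUN starts in the image's default working directory rather than under `${DEPS}/boost`; a `WORKDIR` would make the location explicit.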
@@ -0,0 +1,129 @@ +FROM ubuntu:18.04 as build + +# install bulk of dependencies +RUN apt-get update \ + && apt-get upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + wget vim-common jq ca-certificates git cmake autoconf build-essential \ + openssl libssl-dev doxygen libncurses5-dev \ + libreadline7 libreadline-dev zlib1g-dev \ + tcsh libbz2-dev libtool \ + libssl-dev libprotobuf-dev \ + protobuf-compiler pkg-config p7zip-full \ + libcurl4-openssl-dev unzip curl python-dev \ + libxml2-dev libxslt1-dev libkrb5-dev + +# install BDB and LibEvent +ENV HOME /root +RUN cd \ + && mkdir -p ${HOME}/Deps/bdb \ + && cd ${HOME}/Deps/bdb \ + && wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz \ + && echo '12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz' | sha256sum -c \ + && tar xvf db-4.8.30.NC.tar.gz \ + && cd db-4.8.30.NC/build_unix/ \ + && ../dist/configure --disable-shared --enable-cxx --with-pic --prefix=/usr/local \ + && make -j2 \ + && make install + +# install libevent +RUN apt-get install -y --no-install-recommends libevent-dev + +# set key environment variables +ENV DEPS ${HOME}/Deps +RUN cd ${DEPS} +ENV XSTDIR ${DEPS}/stealth +ENV XST_BRANCH qpos-3.0 + +# build boost +ENV BOOSTR 1 +ENV BOOSTS 65 +ENV BOOSTM 1 +ENV BOOSTP ${BOOSTR}_${BOOSTS}_${BOOSTM} +ENV BOOSTV ${BOOSTR}.${BOOSTS}.${BOOSTM} +ENV BUILDDIR build-xst +ENV BOOST_ROOT ${DEPS}/boost/boost-xst + +RUN mkdir -p ${DEPS}/boost \ + && wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2 \ + && tar xvf boost_${BOOSTP}.tar.bz2 \ + && mkdir -p ${BOOST_ROOT} \ + && cd boost_${BOOSTP} \ + && ./bootstrap.sh \ + && ./b2 --prefix=$BOOST_ROOT --build-dir=${BUILDDIR} link=static install + +# build the stealth client +ENV BOOST_LIB_PATH ${BOOST_ROOT}/lib +ENV BOOST_INCLUDE_PATH ${BOOST_ROOT}/include +ENV BOOST_LIB_SUFFIX "" + +RUN mkdir -p ${XSTDIR} \ + && cd ${XSTDIR} \ + && git clone 
https://github.com/StealthSend/Stealth.git \ + && cd Stealth/src \ + && git checkout ${XST_BRANCH} \ + && make -f makefile.unix \ + && cp StealthCoind /usr/local/bin/StealthCoind + +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.11 +RUN set -x \ + && apt-get update && apt-get install -y --no-install-recommends gpg dirmngr \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ + && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || true \ + && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ + && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# move repo binaries to local bin directory +COPY ./scripts /usr/local/bin +COPY docker-entrypoint.sh /usr/local/bin/ + +# make them executable +RUN chmod -R +x /usr/local/bin + +#### FINAL STAGE #### +FROM phusion/baseimage:18.04-1.0.0 + +ARG USER_ID +ARG GROUP_ID + +ENV HOME /stealth + +# add user with specified (or default) user/group ids +ENV USER_ID ${USER_ID:-1000} +ENV GROUP_ID ${GROUP_ID:-1000} + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN groupadd -g ${GROUP_ID} stealth \ + && useradd -u ${USER_ID} -g stealth -s /bin/bash -m -d /stealth stealth + +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + libevent-dev ca-certificates wget p7zip-full \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# change to main workspace +WORKDIR /stealth + +# copy binaries from build stage +COPY --from=build /usr/local/bin /bin + +# create a 
volume for external configuration and blockchain data +VOLUME ["/stealth"] + +# change ownership of the working directory +RUN chown -R stealth:stealth /stealth + +# expose p2p and rpc ports +EXPOSE 4437 4438 46502 46503 + +# leave entrypoint for extra commands to run +ENTRYPOINT ["docker-entrypoint.sh"] + +# main command to run when container starts +CMD ["stealth_oneshot"] diff --git a/contrib/docker/Dockerfile-ubuntu-20.04 b/contrib/docker/Dockerfile-ubuntu-20.04 new file mode 100644 index 0000000..bcacc33 --- /dev/null +++ b/contrib/docker/Dockerfile-ubuntu-20.04 
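Review bot: In Dockerfile-ubuntu-18.04 the `|| true` appended to `gpg --keyserver ha.pool.sks-keyservers.net --recv-keys …` does not only cover the key fetch: `&&` and `||` have equal precedence in sh, so it also swallows a failure of the `apt-get install` or of either `wget` earlier in the same RUN. The step then depends entirely on `gpg --batch --verify` to stop the build, and when the key was not imported that verify should fail anyway, so the `|| true` hides the real cause without making the build succeed. I would drop it and fetch the key from a keyserver that answers reliably, e.g. `&& gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \`, keeping the verify line as the gate. The Dockerfile-ubuntu-20.04 hunk has the same line; the 16.04 file uses the strict form without `|| true`.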
@@ -0,0 +1,130 @@ +FROM ubuntu:20.04 as build + +# install bulk of dependencies +RUN apt-get update \ + && apt-get upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + wget vim-common jq ca-certificates git cmake autoconf build-essential \ + openssl libssl-dev doxygen libncurses5-dev \ + libreadline-dev zlib1g-dev \ + tcsh libbz2-dev libtool \ + libssl-dev libprotobuf-dev \ + protobuf-compiler pkg-config p7zip-full \ + libcurl4-openssl-dev unzip curl python-dev \ + libxml2-dev libxslt1-dev libkrb5-dev + +# install BDB and LibEvent +ENV HOME /root +RUN cd \ + && mkdir -p ${HOME}/Deps/bdb \ + && cd ${HOME}/Deps/bdb \ + && wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz \ + && echo '12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz' | sha256sum -c \ + && tar xvf db-4.8.30.NC.tar.gz \ + && cd db-4.8.30.NC/build_unix/ \ + && sed -i 's/__atomic_compare_exchange/__atomic_compare_exchange_db/g' ../dbinc/atomic.h \ + && ../dist/configure --disable-shared --enable-cxx --with-pic --prefix=/usr/local \ + && make -j2 \ + && make install + +# install libevent +RUN apt-get install -y --no-install-recommends libevent-dev + +# set key environment variables +ENV DEPS ${HOME}/Deps +RUN cd ${DEPS} +ENV XSTDIR ${DEPS}/stealth +ENV XST_BRANCH qpos-3.0 + +# build boost +ENV BOOSTR 1 +ENV BOOSTS 65 +ENV BOOSTM 1 +ENV BOOSTP ${BOOSTR}_${BOOSTS}_${BOOSTM} +ENV BOOSTV ${BOOSTR}.${BOOSTS}.${BOOSTM} +ENV BUILDDIR build-xst +ENV BOOST_ROOT ${DEPS}/boost/boost-xst + +RUN mkdir -p ${DEPS}/boost \ + && wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2 \ + && tar xvf boost_${BOOSTP}.tar.bz2 \ + && mkdir -p ${BOOST_ROOT} \ + && cd boost_${BOOSTP} \ + && ./bootstrap.sh \ + && ./b2 --prefix=$BOOST_ROOT --build-dir=${BUILDDIR} link=static install + +# build the stealth client +ENV BOOST_LIB_PATH ${BOOST_ROOT}/lib +ENV BOOST_INCLUDE_PATH ${BOOST_ROOT}/include +ENV 
BOOST_LIB_SUFFIX "" + +RUN mkdir -p ${XSTDIR} \ + && cd ${XSTDIR} \ + && git clone https://github.com/StealthSend/Stealth.git \ + && cd Stealth/src \ + && git checkout ${XST_BRANCH} \ + && make -f makefile.unix \ + && cp StealthCoind /usr/local/bin/StealthCoind + +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.11 +RUN set -x \ + && apt-get update && apt-get install -y --no-install-recommends gpg dirmngr \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ + && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || true \ + && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ + && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# move repo binaries to local bin directory +COPY ./scripts /usr/local/bin +COPY docker-entrypoint.sh /usr/local/bin/ + +# make them executable +RUN chmod -R +x /usr/local/bin + +#### FINAL STAGE #### +FROM phusion/baseimage:focal-1.0.0alpha1-amd64 + +ARG USER_ID +ARG GROUP_ID + +ENV HOME /stealth + +# add user with specified (or default) user/group ids +ENV USER_ID ${USER_ID:-1000} +ENV GROUP_ID ${GROUP_ID:-1000} + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN groupadd -g ${GROUP_ID} stealth \ + && useradd -u ${USER_ID} -g stealth -s /bin/bash -m -d /stealth stealth + +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + libevent-dev ca-certificates wget p7zip-full \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# change to main workspace +WORKDIR 
/stealth + +# copy binaries from build stage +COPY --from=build /usr/local/bin /bin + +# create a volume for external configuration and blockchain data +VOLUME ["/stealth"] + +# change ownership of the working directory +RUN chown -R stealth:stealth /stealth + +# expose p2p and rpc ports +EXPOSE 4437 4438 46502 46503 + +# leave entrypoint for extra commands to run +ENTRYPOINT ["docker-entrypoint.sh"] + +# main command to run when container starts +CMD ["stealth_oneshot"] diff --git a/contrib/docker/docs/config.md b/contrib/docker/docs/config.md index 78d9caf..6b596bb 100644 --- a/contrib/docker/docs/config.md +++ b/contrib/docker/docs/config.md @@ -7,21 +7,21 @@ The following example uses custom `rpcuser` and `rpcpassword` values, as well as explicitly refusing to bootstrap, which is not recommended. docker run \ - -p 127.0.0.1:56502:46502 \ + -p 127.0.0.1:46502:46502 \ -e RPCUSER=mysecretrpcuser \ -e RPCPASSWORD=mysecretrpcpassword \ -e DOWNLOAD_BOOTSTRAP=0 \ --volume stealthcoind-data:/stealth \ --name=xst-main \ - --detatch \ + --detach \ stealth-xenial -Use a custom `SttealthCoin.conf` configuration file: +Use a custom `StealthCoin.conf` configuration file: docker run \ -v stealthcoind-data:/stealth \ --name=xst-main \ - --detatch \ + --detach \ -p 127.0.0.1:46502:46502 \ -v /etc/__MY_STEALTH_CONFIG_FILE_.conf:/stealth/.StealthCoin/StealthCoin.conf \ stealth-xenial diff --git a/contrib/docker/docs/readme.md b/contrib/docker/docs/readme.md index e1871f6..209424a 100644 --- a/contrib/docker/docs/readme.md +++ b/contrib/docker/docs/readme.md 
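Review bot: In Dockerfile-ubuntu-20.04 the runtime stage is `FROM phusion/baseimage:focal-1.0.0alpha1-amd64`, a pre-release tag that is fixed to amd64, while the build stage compiles StealthCoind and picks the gosu binary for whatever `dpkg --print-architecture` reports. On a non-amd64 builder the binaries copied by `COPY --from=build /usr/local/bin /bin` would presumably not match the runtime image, and a tag can be re-pushed, so what ships can change without this file changing. I would pin the base by digest, `FROM phusion/baseimage:focal-1.0.0alpha1-amd64@sha256:<digest-placeholder>`, add a comment above it saying why an alpha image is used, and move to a release tag once one is available.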
@@ -11,11 +11,11 @@ The docker image can be built in the directory of the `Dockerfile`. The command is: - docker build --tag stealth-xenial . + docker build --tag stealth-16.04 -f Dockerfile-ubuntu-16.04 . -This command tags the image "stealth-xenial", named after the Ubuntu version (xenial) on which the image is based. +This command tags the image "stealth-16.04", named after the Ubuntu version (16.04) on which the image is based. -Change the tag to `--tag stealth-t-xenial` if the image is intended to be used with testnet (*i.e.* `docker build --tag stealth-t-xenial .`). +Change the tag to `--tag stealth-t-16.04` if the image is intended to be used with testnet (*i.e.* `docker build --tag stealth-t-16.04 .`). List the image to confirm the build after completion: @@ -24,9 +24,9 @@ List the image to confirm the build after completion: Output will resemble the following: \REPOSITORY TAG IMAGE ID CREATED SIZE - stealth-xenial latest a14f33165963 20 minutes ago 360MB + stealth-16.04 latest a14f33165963 20 minutes ago 360MB 2b1c93348e09 20 minutes ago 1.47GB - ubuntu xenial 005d2078bdfa 6 weeks ago 125MB + ubuntu 16.04 005d2078bdfa 6 weeks ago 125MB phusion/baseimage 0.10.2 4ca439e72536 22 months ago 233MB # Initialize the Container by Running It diff --git a/contrib/docker/image-vulnerability-report.txt b/contrib/docker/image-vulnerability-report.txt deleted file mode 100644 index 792a5b8..0000000 --- a/contrib/docker/image-vulnerability-report.txt +++ /dev/null 
@@ -1,1400 +0,0 @@ - -Testing stealthcoind... - -✗ Low severity vulnerability found in systemd/libudev1 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-257440 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.15 - -✗ Low severity vulnerability found in shadow/passwd - Description: CVE-2013-4235 - Info: https://snyk.io/vuln/SNYK-LINUX-SHADOW-106309 - Introduced through: shadow/passwd@1:4.2-3.1ubuntu5.3, util-linux/libuuid1@2.27.1-6ubuntu3.6, openssh/openssh-server@1:7.2p2-4ubuntu2.4, apt/apt-utils@1.2.27, shadow/login@1:4.2-3.1ubuntu5.3 - From: shadow/passwd@1:4.2-3.1ubuntu5.3 - From: util-linux/libuuid1@2.27.1-6ubuntu3.6 > shadow/passwd@1:4.2-3.1ubuntu5.3 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 > shadow/passwd@1:4.2-3.1ubuntu5.3 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Low severity vulnerability found in python3.5/libpython3.5-stdlib - Description: CVE-2019-5010 - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-257722 - Introduced through: software-properties/software-properties-common@0.96.20.7 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Low severity vulnerability found in krb5/libkrb5support0 - Description: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-159695 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ Medium severity vulnerability found in vim/vim-common - Description: Information Exposure - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-116758 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - 
From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in util-linux - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-UTILLINUX-130950 - Introduced through: util-linux@2.27.1-6ubuntu3.6, e2fsprogs@1.42.13-1ubuntu1, syslog-ng/syslog-ng-core@3.5.6-2.1, init-system-helpers/init@1.29ubuntu4, util-linux/libblkid1@2.27.1-6ubuntu3.6, util-linux/libuuid1@2.27.1-6ubuntu3.6, util-linux/libfdisk1@2.27.1-6ubuntu3.6, util-linux/libmount1@2.27.1-6ubuntu3.6, util-linux/libsmartcols1@2.27.1-6ubuntu3.6, util-linux/mount@2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, util-linux/bsdutils@1:2.27.1-6ubuntu3.6 - From: util-linux@2.27.1-6ubuntu3.6 - From: e2fsprogs@1.42.13-1ubuntu1 > util-linux@2.27.1-6ubuntu3.6 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > util-linux@2.27.1-6ubuntu3.6 - and 27 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in util-linux - Description: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') - Info: https://snyk.io/vuln/SNYK-LINUX-UTILLINUX-149981 - Introduced through: util-linux@2.27.1-6ubuntu3.6, e2fsprogs@1.42.13-1ubuntu1, syslog-ng/syslog-ng-core@3.5.6-2.1, init-system-helpers/init@1.29ubuntu4, util-linux/libblkid1@2.27.1-6ubuntu3.6, util-linux/libuuid1@2.27.1-6ubuntu3.6, util-linux/libfdisk1@2.27.1-6ubuntu3.6, util-linux/libmount1@2.27.1-6ubuntu3.6, util-linux/libsmartcols1@2.27.1-6ubuntu3.6, util-linux/mount@2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, util-linux/bsdutils@1:2.27.1-6ubuntu3.6 - From: util-linux@2.27.1-6ubuntu3.6 - From: e2fsprogs@1.42.13-1ubuntu1 > util-linux@2.27.1-6ubuntu3.6 - 
From: syslog-ng/syslog-ng-core@3.5.6-2.1 > util-linux@2.27.1-6ubuntu3.6 - and 27 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in tar - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-TAR-220695 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > tar@1.28-2.1ubuntu0.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in systemd/libudev1 - Description: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-174861 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.8 - -✗ Medium severity vulnerability found in systemd/libudev1 - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-240648 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in systemd/libudev1 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-437517 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.16 - -✗ Medium severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-108650 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ Medium severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-118066 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ Medium severity vulnerability found in shadow/passwd - Description: Security Features - Info: https://snyk.io/vuln/SNYK-LINUX-SHADOW-107359 - Introduced through: shadow/passwd@1:4.2-3.1ubuntu5.3, util-linux/libuuid1@2.27.1-6ubuntu3.6, openssh/openssh-server@1:7.2p2-4ubuntu2.4, apt/apt-utils@1.2.27, shadow/login@1:4.2-3.1ubuntu5.3 - From: shadow/passwd@1:4.2-3.1ubuntu5.3 - From: util-linux/libuuid1@2.27.1-6ubuntu3.6 > shadow/passwd@1:4.2-3.1ubuntu5.3 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 > shadow/passwd@1:4.2-3.1ubuntu5.3 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Improper Neutralization of CRLF Sequences ('CRLF Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-440477 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Improper Neutralization of CRLF Sequences ('CRLF Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-441381 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in pcre3/libpcre3 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-140022 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in openssl/libssl1.0.0 - Description: Information Exposure - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-175704 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, ca-certificates@20170717~16.04.1, libevent/libevent-dev@2.0.21-stable-2ubuntu0.16.04.1, software-properties/software-properties-common@0.96.20.7 - 
From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - From: ca-certificates@20170717~16.04.1 > openssl@1.0.2g-1ubuntu4.13 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - and 4 more... - Introduced in your Dockerfile by 'RUN set -x && apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" && export GNUPGHOME="$(mktemp -d)" && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc && chmod +x /usr/local/bin/gosu && gosu nobody true && apt-get purge -y ca-certificates wget && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*' - Fixed in: 1.0.2g-1ubuntu4.14 - -✗ Medium severity vulnerability found in openssl/libssl1.0.0 - Description: Key Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-175808 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, ca-certificates@20170717~16.04.1, libevent/libevent-dev@2.0.21-stable-2ubuntu0.16.04.1, software-properties/software-properties-common@0.96.20.7 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - 
From: ca-certificates@20170717~16.04.1 > openssl@1.0.2g-1ubuntu4.13 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - and 4 more... - Introduced in your Dockerfile by 'RUN set -x && apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" && export GNUPGHOME="$(mktemp -d)" && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc && chmod +x /usr/local/bin/gosu && gosu nobody true && apt-get purge -y ca-certificates wget && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*' - Fixed in: 1.0.2g-1ubuntu4.14 - -✗ Medium severity vulnerability found in openssl/libssl1.0.0 - Description: Information Exposure - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-438083 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, ca-certificates@20170717~16.04.1, libevent/libevent-dev@2.0.21-stable-2ubuntu0.16.04.1, software-properties/software-properties-common@0.96.20.7 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - 
From: ca-certificates@20170717~16.04.1 > openssl@1.0.2g-1ubuntu4.13 > openssl/libssl1.0.0@1.0.2g-1ubuntu4.13 - and 4 more... - Introduced in your Dockerfile by 'RUN set -x && apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" && export GNUPGHOME="$(mktemp -d)" && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc && chmod +x /usr/local/bin/gosu && gosu nobody true && apt-get purge -y ca-certificates wget && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*' - Fixed in: 1.0.2g-1ubuntu4.15 - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Information Exposure - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-172675 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1:7.2p2-4ubuntu2.6 - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Information Exposure - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-172817 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - 
From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-257427 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1:7.2p2-4ubuntu2.8 - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Improper Access Control - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-257428 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Improper Access Control - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-257429 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - 
From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1:7.2p2-4ubuntu2.7 - -✗ Medium severity vulnerability found in openssh/openssh-client - Description: Improper Access Control - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-257443 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1:7.2p2-4ubuntu2.7 - -✗ Medium severity vulnerability found in openldap/libldap-2.4-2 - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-OPENLDAP-119313 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in nettle/libnettle6 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-NETTLE-177804 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > nettle/libnettle6@3.2-1ubuntu0.16.04.1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 > nettle/libnettle6@3.2-1ubuntu0.16.04.1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d-1ubuntu0.1 > nettle/libnettle6@3.2-1ubuntu0.16.04.1 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-100134 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-101351 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-104328 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-122425 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-126205 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-127641 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in libtasn1-6 - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-LIBTASN16-172697 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 > libtasn1-6@4.7-3ubuntu0.16.04.3 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in krb5/libkrb5support0 - Description: CVE-2016-3119 - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-101249 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ Medium severity vulnerability found in krb5/libkrb5support0 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-121163 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ Medium severity vulnerability found in krb5/libkrb5support0 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-125766 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ Medium severity vulnerability found in krb5/libkrb5support0 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-138246 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ Medium severity vulnerability found in krb5/libkrb5support0 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-221142 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in gnutls28/libgnutls30 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GNUTLS28-172730 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d-1ubuntu0.1 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.4.10-4ubuntu1.5 - -✗ Medium severity vulnerability found in gnutls28/libgnutls30 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GNUTLS28-172920 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d-1ubuntu0.1 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.4.10-4ubuntu1.5 - -✗ Medium severity vulnerability found in gnutls28/libgnutls30 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GNUTLS28-172950 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d-1ubuntu0.1 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.4.10-4ubuntu1.5 - -✗ Medium severity vulnerability found in gnutls28/libgnutls30 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GNUTLS28-178366 - Introduced through: apt/apt-transport-https@1.2.27 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d-1ubuntu0.1 > gnutls28/libgnutls30@3.4.10-4ubuntu1.4 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-107098 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Data Handling - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-107728 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - 
From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Data Handling - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-108050 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Data Handling - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-120740 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-257895 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - 
From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glibc/libc-bin - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-259447 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glib2.0/libglib2.0-0 - Description: Cryptographic Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-112085 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - 
From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in glib2.0/libglib2.0-0 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-440195 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in cryptsetup/libcryptsetup4 - Description: Improper Authentication - Info: https://snyk.io/vuln/SNYK-LINUX-CRYPTSETUP-104703 - Introduced through: cryptsetup/libcryptsetup4@2:1.6.6-5ubuntu2.1, init-system-helpers/init@1.29ubuntu4 - From: cryptsetup/libcryptsetup4@2:1.6.6-5ubuntu2.1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > cryptsetup/libcryptsetup4@2:1.6.6-5ubuntu2.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in cron - Description: Improper Link Resolution Before File Access ('Link Following') - Info: https://snyk.io/vuln/SNYK-LINUX-CRON-104519 - Introduced through: cron@3.0pl1-128ubuntu2, logrotate@3.8.7-2ubuntu2.16.04.2 - From: cron@3.0pl1-128ubuntu2 - 
From: logrotate@3.8.7-2ubuntu2.16.04.2 > cron@3.0pl1-128ubuntu2 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in coreutils - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-COREUTILS-104909 - Introduced through: coreutils@8.25-2ubuntu3~16.04, procps@2:3.3.10-4ubuntu2.4 - From: coreutils@8.25-2ubuntu3~16.04 - From: procps@2:3.3.10-4ubuntu2.4 > sysvinit/initscripts@2.88dsf-59.3ubuntu2 > coreutils@8.25-2ubuntu3~16.04 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ Medium severity vulnerability found in bzip2/libbz2-1.0 - Description: CVE-2016-3189 - Info: https://snyk.io/vuln/SNYK-LINUX-BZIP2-106947 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > bzip2/libbz2-1.0@1.0.6-8 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.0.6-8ubuntu0.1 - -✗ High severity vulnerability found in zlib/zlib1g - Description: Numeric Errors - Info: https://snyk.io/vuln/SNYK-LINUX-ZLIB-106165 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > zlib/zlib1g@1:1.2.8.dfsg-2ubuntu4.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in zlib/zlib1g - Description: Numeric Errors - Info: https://snyk.io/vuln/SNYK-LINUX-ZLIB-106518 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > zlib/zlib1g@1:1.2.8.dfsg-2ubuntu4.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in zlib/zlib1g - Description: Numeric Errors - Info: https://snyk.io/vuln/SNYK-LINUX-ZLIB-109468 - Introduced through: meta-common-packages@meta - 
From: meta-common-packages@meta > zlib/zlib1g@1:1.2.8.dfsg-2ubuntu4.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in zlib/zlib1g - Description: Numeric Errors - Info: https://snyk.io/vuln/SNYK-LINUX-ZLIB-123236 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > zlib/zlib1g@1:1.2.8.dfsg-2ubuntu4.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in vim/vim-common - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-102563 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2:7.4.1689-3ubuntu1.3 - -✗ High severity vulnerability found in vim/vim-common - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-105813 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in vim/vim-common - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-112154 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in vim/vim-common - Description: Use After Free - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-118367 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - 
From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in vim/vim-common - Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-VIM-449010 - Introduced through: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 > vim/vim-common@2:7.4.1689-3ubuntu1.2 - From: vim/vim-tiny@2:7.4.1689-3ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2:7.4.1689-3ubuntu1.3 - -✗ High severity vulnerability found in util-linux - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-UTILLINUX-129007 - Introduced through: util-linux@2.27.1-6ubuntu3.6, e2fsprogs@1.42.13-1ubuntu1, syslog-ng/syslog-ng-core@3.5.6-2.1, init-system-helpers/init@1.29ubuntu4, util-linux/libblkid1@2.27.1-6ubuntu3.6, util-linux/libuuid1@2.27.1-6ubuntu3.6, util-linux/libfdisk1@2.27.1-6ubuntu3.6, util-linux/libmount1@2.27.1-6ubuntu3.6, util-linux/libsmartcols1@2.27.1-6ubuntu3.6, util-linux/mount@2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, util-linux/bsdutils@1:2.27.1-6ubuntu3.6 - From: util-linux@2.27.1-6ubuntu3.6 - From: e2fsprogs@1.42.13-1ubuntu1 > util-linux@2.27.1-6ubuntu3.6 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > util-linux@2.27.1-6ubuntu3.6 - and 27 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in systemd/libudev1 - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-103027 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - 
From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.15 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-174862 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.6 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Deserialization of Untrusted Data - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-174863 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.8 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-257438 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.15 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-257442 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.15 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-442613 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 229-4ubuntu21.21 - -✗ High severity vulnerability found in systemd/libudev1 - Description: Credentials Management - Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-446728 - Introduced through: systemd/libudev1@229-4ubuntu21.4, init-system-helpers/init@1.29ubuntu4, systemd/libsystemd0@229-4ubuntu21.4, openssh/openssh-server@1:7.2p2-4ubuntu2.4, syslog-ng/syslog-ng-core@3.5.6-2.1, util-linux/bsdutils@1:2.27.1-6ubuntu3.6, procps@2:3.3.10-4ubuntu2.4, software-properties/software-properties-common@0.96.20.7, systemd@229-4ubuntu21.4, systemd/systemd-sysv@229-4ubuntu21.4 - From: systemd/libudev1@229-4ubuntu21.4 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux/mount@2.27.1-6ubuntu3.6 > systemd/libudev1@229-4ubuntu21.4 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-102481 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-102603 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-120013 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-123402 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-125397 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-205443 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-441204 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-441211 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-442146 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-442149 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-448003 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.11.0-1ubuntu1.2 - -✗ High severity vulnerability found in sqlite3/libsqlite3-0 - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-449600 - Introduced through: software-properties/software-properties-common@0.96.20.7, apt/apt-transport-https@1.2.27 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > sqlite3/libsqlite3-0@3.11.0-1ubuntu1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in shadow/passwd - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-SHADOW-123859 - Introduced through: shadow/passwd@1:4.2-3.1ubuntu5.3, util-linux/libuuid1@2.27.1-6ubuntu3.6, openssh/openssh-server@1:7.2p2-4ubuntu2.4, apt/apt-utils@1.2.27, shadow/login@1:4.2-3.1ubuntu5.3 - From: shadow/passwd@1:4.2-3.1ubuntu5.3 - From: util-linux/libuuid1@2.27.1-6ubuntu3.6 > shadow/passwd@1:4.2-3.1ubuntu5.3 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 > shadow/passwd@1:4.2-3.1ubuntu5.3 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-116377 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.5.2-2ubuntu0~16.04.5 - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-133006 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.5.2-2ubuntu0~16.04.5 - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-173431 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 3.5.2-2ubuntu0~16.04.5 - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-215759 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Credentials Management - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-440071 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Security Features - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-451985 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in python3.5/libpython3.5-stdlib - Description: Credentials Management - Info: https://snyk.io/vuln/SNYK-LINUX-PYTHON35-453339 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/libpython3-stdlib@3.5.1-3 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/libpython3.5-stdlib@3.5.2-2ubuntu0~16.04.4 - 
From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3-defaults/python3-minimal@3.5.1-3 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 - and 4 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in perl/perl-base - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PERL-176607 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > perl/perl-base@5.22.1-9ubuntu0.5 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 5.22.1-9ubuntu0.6 - -✗ High severity vulnerability found in perl/perl-base - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PERL-176887 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > perl/perl-base@5.22.1-9ubuntu0.5 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 5.22.1-9ubuntu0.6 - -✗ High severity vulnerability found in perl/perl-base - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PERL-176929 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > perl/perl-base@5.22.1-9ubuntu0.5 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 5.22.1-9ubuntu0.6 - -✗ High severity vulnerability found in perl/perl-base - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-PERL-177103 - Introduced through: meta-common-packages@meta - 
From: meta-common-packages@meta > perl/perl-base@5.22.1-9ubuntu0.5 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 5.22.1-9ubuntu0.6 - -✗ High severity vulnerability found in pcre3/libpcre3 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-104766 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in pcre3/libpcre3 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-115388 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in pcre3/libpcre3 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-116319 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in pcre3/libpcre3 - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-123374 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in pcre3/libpcre3 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-126449 - Introduced through: meta-common-packages@meta - 
From: meta-common-packages@meta > pcre3/libpcre3@2:8.38-3.1 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in openssh/openssh-client - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSH-117962 - Introduced through: openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-client@1:7.2p2-4ubuntu2.4 - From: openssh/openssh-server@1:7.2p2-4ubuntu2.4 > openssh/openssh-sftp-server@1:7.2p2-4ubuntu2.4 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1:7.2p2-4ubuntu2.6 - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-101854 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-102144 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-108149 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-115378 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-116768 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in ncurses/libncursesw5 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-NCURSES-126835 - Introduced through: ncurses/libncursesw5@6.0+20160213-1ubuntu1, procps@2:3.3.10-4ubuntu2.4, init-system-helpers/init@1.29ubuntu4, software-properties/software-properties-common@0.96.20.7, meta-common-packages@meta, ncurses/libncurses5@6.0+20160213-1ubuntu1, ncurses/ncurses-base@6.0+20160213-1ubuntu1, ncurses/ncurses-bin@6.0+20160213-1ubuntu1 - From: ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: procps@2:3.3.10-4ubuntu2.4 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > util-linux@2.27.1-6ubuntu3.6 > ncurses/libncursesw5@6.0+20160213-1ubuntu1 - and 6 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in libseccomp/libseccomp2 - Description: Permissions - Info: https://snyk.io/vuln/SNYK-LINUX-LIBSECCOMP-441036 - Introduced through: libseccomp/libseccomp2@2.3.1-2.1ubuntu2~16.04.1, init-system-helpers/init@1.29ubuntu4 - From: libseccomp/libseccomp2@2.3.1-2.1ubuntu2~16.04.1 - 
From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > libseccomp/libseccomp2@2.3.1-2.1ubuntu2~16.04.1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.4.1-0ubuntu0.16.04.2 - -✗ High severity vulnerability found in krb5/libkrb5support0 - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-106341 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in krb5/libkrb5support0 - Description: Double Free - Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-118386 - Introduced through: apt/apt-transport-https@1.2.27, openssh/openssh-server@1:7.2p2-4ubuntu2.4 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libk5crypto3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > krb5/libgssapi-krb5-2@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5-3@1.13.2+dfsg-5ubuntu2 > krb5/libkrb5support0@1.13.2+dfsg-5ubuntu2 - and 7 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.13.2+dfsg-5ubuntu2.1 - -✗ High severity vulnerability found in heimdal/libhcrypto4-heimdal - Description: Improper Access Control - Info: https://snyk.io/vuln/SNYK-LINUX-HEIMDAL-133458 - Introduced through: apt/apt-transport-https@1.2.27, meta-common-packages@meta - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in heimdal/libhcrypto4-heimdal - Description: Key Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-HEIMDAL-446600 - Introduced through: apt/apt-transport-https@1.2.27, meta-common-packages@meta - 
From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 > openldap/libldap-2.4-2@2.4.42+dfsg-2ubuntu3.3 > heimdal/libgssapi3-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libheimntlm0-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libkrb5-26-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 > heimdal/libhcrypto4-heimdal@1.7~git20150920+dfsg-4ubuntu1.16.04.1 - and 13 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in gnupg/gpgv - Description: Improper Validation of Certificate with Host Mismatch - Info: https://snyk.io/vuln/SNYK-LINUX-GNUPG-452421 - Introduced through: gnupg/gpgv@1.4.20-1ubuntu3.3, apt/apt-utils@1.2.27, gnupg@1.4.20-1ubuntu3.3 - From: gnupg/gpgv@1.4.20-1ubuntu3.3 - From: apt/apt-utils@1.2.27 > apt@1.2.27 > gnupg/gpgv@1.4.20-1ubuntu3.3 - From: apt/apt-utils@1.2.27 > apt@1.2.27 > gnupg@1.4.20-1ubuntu3.3 > gnupg/gpgv@1.4.20-1ubuntu3.3 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-111940 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - 
From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-112720 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-121976 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-138936 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - 
From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-171152 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438096 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438153 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - 
From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Data Handling - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438155 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glibc/libc-bin - Description: Resource Management Errors - Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438162 - Introduced through: glibc/libc-bin@2.23-0ubuntu10, language-pack-en@1:16.04+20161009, meta-common-packages@meta - From: glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 > glibc/libc-bin@2.23-0ubuntu10 - From: language-pack-en@1:16.04+20161009 > language-pack-en-base@1:16.04+20160627 > glibc/locales@2.23-0ubuntu10 - and 2 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in glib2.0/libglib2.0-0 - Description: NULL Pointer Dereference - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-172736 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - 
From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.48.2-0ubuntu4.1 - -✗ High severity vulnerability found in glib2.0/libglib2.0-0 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-172855 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.48.2-0ubuntu4.1 - -✗ High severity vulnerability found in glib2.0/libglib2.0-0 - Description: Permission Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-448008 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - 
From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.48.2-0ubuntu4.2 - -✗ High severity vulnerability found in glib2.0/libglib2.0-0 - Description: Permission Issues - Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-451222 - Introduced through: syslog-ng/syslog-ng-core@3.5.6-2.1, software-properties/software-properties-common@0.96.20.7 - From: syslog-ng/syslog-ng-core@3.5.6-2.1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - From: software-properties/software-properties-common@0.96.20.7 > pygobject/python3-gi@3.20.0-0ubuntu1 > glib2.0/libglib2.0-0@2.48.2-0ubuntu4 - and 3 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.48.2-0ubuntu4.3 - -✗ High severity vulnerability found in expat/libexpat1 - Description: Improper Restriction of XML External Entity Reference ('XXE') - Info: https://snyk.io/vuln/SNYK-LINUX-EXPAT-450908 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > python3-defaults/python3@3.5.1-3 > python3.5@3.5.2-2ubuntu0~16.04.4 > python3.5/python3.5-minimal@3.5.2-2ubuntu0~16.04.4 > expat/libexpat1@2.1.0-7ubuntu0.16.04.3 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 2.1.0-7ubuntu0.16.04.4 - -✗ High severity vulnerability found in dpkg - Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - Info: https://snyk.io/vuln/SNYK-LINUX-DPKG-130415 - Introduced through: meta-common-packages@meta - 
From: meta-common-packages@meta > dpkg@1.18.4ubuntu1.4 - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in dbus/libdbus-1-3 - Description: Improper Authentication - Info: https://snyk.io/vuln/SNYK-LINUX-DBUS-449617 - Introduced through: software-properties/software-properties-common@0.96.20.7 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > dbus/libdbus-1-3@1.10.6-1ubuntu3.3 - From: software-properties/software-properties-common@0.96.20.7 > dbus-python/python3-dbus@1.2.0-3 > dbus-glib/libdbus-glib-1-2@0.106-1 > dbus/libdbus-1-3@1.10.6-1ubuntu3.3 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.10.6-1ubuntu3.4 - -✗ High severity vulnerability found in db5.3/libdb5.3 - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-DB53-448989 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > db5.3/libdb5.3@5.3.28-11ubuntu0.1 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 5.3.28-11ubuntu0.2 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-125405 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - 
From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Integer Overflow or Wraparound - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-172816 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.9 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-175334 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - 
From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.11 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-175338 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.11 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-436283 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - 
From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.12 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-436285 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.12 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Out-of-bounds Read - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-436287 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - 
From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.12 - -✗ High severity vulnerability found in curl/libcurl3-gnutls - Description: Improper Restriction of Operations within the Bounds of a Memory Buffer - Info: https://snyk.io/vuln/SNYK-LINUX-CURL-447362 - Introduced through: apt/apt-transport-https@1.2.27, curl@7.47.0-1ubuntu2.8, software-properties/software-properties-common@0.96.20.7 - From: apt/apt-transport-https@1.2.27 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: curl@7.47.0-1ubuntu2.8 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - From: software-properties/software-properties-common@0.96.20.7 > software-properties/python3-software-properties@0.96.20.7 > pycurl/python3-pycurl@7.43.0-1ubuntu1 > curl/libcurl3-gnutls@7.47.0-1ubuntu2.8 - and 1 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 7.47.0-1ubuntu2.13 - -✗ High severity vulnerability found in bzip2/libbz2-1.0 - Description: Out-of-bounds Write - Info: https://snyk.io/vuln/SNYK-LINUX-BZIP2-450767 - Introduced through: meta-common-packages@meta - From: meta-common-packages@meta > bzip2/libbz2-1.0@1.0.6-8 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.0.6-8ubuntu0.2 - -✗ High severity vulnerability found in bash - Description: Improper Input Validation - Info: https://snyk.io/vuln/SNYK-LINUX-BASH-441206 - Introduced through: bash@4.3-14ubuntu1.2 - 
From: bash@4.3-14ubuntu1.2 - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 4.3-14ubuntu1.4 - -✗ High severity vulnerability found in apt - Description: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') - Info: https://snyk.io/vuln/SNYK-LINUX-APT-257888 - Introduced through: apt@1.2.27, apt/apt-utils@1.2.27, apt/libapt-pkg5.0@1.2.27, apt/apt-transport-https@1.2.27, software-properties/software-properties-common@0.96.20.7 - From: apt@1.2.27 - From: apt/apt-utils@1.2.27 > apt@1.2.27 - From: apt/libapt-pkg5.0@1.2.27 - and 9 more... - Introduced by your base image (phusion/baseimage:0.10.2) - Fixed in: 1.2.29ubuntu0.1 - -✗ High severity vulnerability found in apparmor/libapparmor1 - Description: Security Features - Info: https://snyk.io/vuln/SNYK-LINUX-APPARMOR-111398 - Introduced through: apparmor/libapparmor1@2.10.95-0ubuntu2.9, init-system-helpers/init@1.29ubuntu4 - From: apparmor/libapparmor1@2.10.95-0ubuntu2.9 - From: init-system-helpers/init@1.29ubuntu4 > systemd/systemd-sysv@229-4ubuntu21.4 > systemd@229-4ubuntu21.4 > apparmor/libapparmor1@2.10.95-0ubuntu2.9 - Introduced by your base image (phusion/baseimage:0.10.2) - - - - -Organisation: barrage-ivan -Package manager: deb -Target file: Dockerfile -Docker image: stealthcoind -Base image: phusion/baseimage:0.10.2 - -Tested 185 dependencies for known vulnerabilities, found 144 vulnerabilities. - -Remediation advice for your base image (phusion/baseimage:0.10.2) is not currently available, but will be soon. See above for details and fixes on individual vulnerabilities - -Pro tip: use `--exclude-base-image-vulns` to exclude from display Docker base image vulnerabilities. - -To remove this message in the future, please run `snyk config set disableSuggestions=true` - diff --git a/contrib/docker/scripts/stealth_init.mine b/contrib/docker/scripts/stealth_init.mine deleted file mode 100644 index 1b46932..0000000 
--- a/contrib/docker/scripts/stealth_init.mine
+++ /dev/null
@@ -1,26 +0,0 @@ -#!/bin/bash - -set -ex - -b58alpha='123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' - -# This shouldn't be in the Dockerfile or containers built from the same image -# will have the same credentials. -if [ ! -e "$HOME/.StealthCoin/StealthCoin.conf" ]; then - mkdir -p $HOME/.StealthCoin - - echo "Creating StealthCoin.conf" - - # Seed a random password for JSON RPC server - cat < $HOME/.StealthCoin/StealthCoin.conf -printtoconsole=${PRINTTOCONSOLE:-1} -rpcuser=${RPCUSER:-stealthrpc} -rpcpassword=${RPCPASSWORD:-`&2 && false; })" -eval set -- "$opts" - -declare -a argTests=() -declare -a configs=() -dryRun= -while true; do - flag=$1 - shift - case "$flag" in - --dry-run) dryRun=1 ;; - --help|-h|'-?') usage && exit 0 ;; - --test|-t) argTests["$1"]=1 && shift ;; - --config|-c) configs+=("$(readlink -f "$1")") && shift ;; - --) break ;; - *) - { - echo "error: unknown flag: $flag" - usage - } >&2 - exit 1 - ;; - esac -done - -if [ $# -eq 0 ]; then - usage >&2 - exit 1 -fi - -# declare configuration variables -declare -a globalTests=() -declare -a testAlias=() -declare -a imageTests=() -declare -a globalExcludeTests=() -declare -a explicitTests=() - -# if there are no user-specified configs, use the default config -if [ ${#configs} -eq 0 ]; then - configs+=("$dir/config.sh") -fi - -# load the configs -declare -a testPaths=() -for conf in "${configs[@]}"; do - . "$conf" - - # Determine the full path to any newly-declared tests - confDir="$(dirname "$conf")" - - for testName in ${globalTests[@]} ${imageTests[@]}; do - [ "${testPaths[$testName]}" ] && continue - - if [ -d "$confDir/tests/$testName" ]; then - # Test directory found relative to the conf file - testPaths[$testName]="$confDir/tests/$testName" - elif [ -d "$dir/tests/$testName" ]; then - # Test directory found in the main tests/ directory - testPaths[$testName]="$dir/tests/$testName" - fi - done -done - -didFail= -for dockerImage in "$@"; do - echo "testing $dockerImage" - - if ! 
docker inspect "$dockerImage" &> /dev/null; then - echo $'\timage does not exist!' - didFail=1 - continue - fi - - repo="${dockerImage%:*}" - tagVar="${dockerImage#*:}" - #version="${tagVar%-*}" - variant="${tagVar##*-}" - - testRepo=$repo - [ -z "${testAlias[$repo]}" ] || testRepo="${testAlias[$repo]}" - - explicitVariant= - if [ \ - "${explicitTests[:$variant]}" \ - -o "${explicitTests[$repo:$variant]}" \ - -o "${explicitTests[$testRepo:$variant]}" \ - ]; then - explicitVariant=1 - fi - - testCandidates=() - if [ -z "$explicitVariant" ]; then - testCandidates+=( "${globalTests[@]}" ) - fi - testCandidates+=( - ${imageTests[:$variant]} - ) - if [ -z "$explicitVariant" ]; then - testCandidates+=( - ${imageTests[$testRepo]} - ) - fi - testCandidates+=( - ${imageTests[$testRepo:$variant]} - ) - if [ "$testRepo" != "$repo" ]; then - if [ -z "$explicitVariant" ]; then - testCandidates+=( - ${imageTests[$repo]} - ) - fi - testCandidates+=( - ${imageTests[$repo:$variant]} - ) - fi - - tests=() - for t in "${testCandidates[@]}"; do - if [ ${#argTests[@]} -gt 0 -a -z "${argTests[$t]}" ]; then - # skipping due to -t - continue - fi - - if [ \ - ! -z "${globalExcludeTests[${testRepo}_$t]}" \ - -o ! -z "${globalExcludeTests[${testRepo}:${variant}_$t]}" \ - -o ! -z "${globalExcludeTests[:${variant}_$t]}" \ - -o ! -z "${globalExcludeTests[${repo}_$t]}" \ - -o ! -z "${globalExcludeTests[${repo}:${variant}_$t]}" \ - -o ! -z "${globalExcludeTests[:${variant}_$t]}" \ - ]; then - # skipping due to exclude - continue - fi - - tests+=( "$t" ) - done - - currentTest=0 - totalTest="${#tests[@]}" - for t in "${tests[@]}"; do - (( currentTest+=1 )) - echo -ne "\t'$t' [$currentTest/$totalTest]..." - - # run test against dockerImage here - # find the script for the test - scriptDir="${testPaths[$t]}" - if [ -d "$scriptDir" ]; then - script="$scriptDir/run.sh" - if [ -x "$script" -a ! 
-d "$script" ]; then - # TODO dryRun logic - if output="$("$script" $dockerImage)"; then - if [ -f "$scriptDir/expected-std-out.txt" ] && ! d="$(echo "$output" | diff -u "$scriptDir/expected-std-out.txt" - 2>/dev/null)"; then - echo 'failed; unexpected output:' - echo "$d" - didFail=1 - else - echo 'passed' - fi - else - echo 'failed' - didFail=1 - fi - else - echo "skipping" - echo >&2 "error: $script missing, not executable or is a directory" - didFail=1 - continue - fi - else - echo "skipping" - echo >&2 "error: unable to locate test '$t'" - didFail=1 - continue - fi - done -done - -if [ "$didFail" ]; then - exit 1 -fi diff --git a/contrib/docker/test/tests/docker-build.sh b/contrib/docker/test/tests/docker-build.sh deleted file mode 100755 index 1eefd05..0000000 --- a/contrib/docker/test/tests/docker-build.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -set -e - -# wrapper around "docker build" that creates a temporary directory and copies files into it first so that arbitrary host directories can be copied into containers without bind mounts, but accepts a Dockerfile on stdin - -# usage: ./docker-build.sh some-host-directory some-new-image:some-tag < "$tmp/Dockerfile" - -from="$(awk -F '[ \t]+' 'toupper($1) == "FROM" { print $2; exit }' "$tmp/Dockerfile")" -onbuilds="$(docker inspect -f '{{len .Config.OnBuild}}' "$from")" -if [ "$onbuilds" -gt 0 ]; then - # crap, the image we want to build has some ONBUILD instructions - # those are kind of going to ruin our day - # let's do some hacks to strip those bad boys out in a new fake layer - "$(dirname "$(readlink -f "$BASH_SOURCE")")/remove-onbuild.sh" "$from" "$imageTag" - awk -F '[ \t]+' 'toupper($1) == "FROM" { $2 = "'"$imageTag"'" } { print }' "$tmp/Dockerfile" > "$tmp/Dockerfile.new" - mv "$tmp/Dockerfile.new" "$tmp/Dockerfile" -fi - -cp -RL "$dir" "$tmp/dir" - -docker build -t "$imageTag" "$tmp" > /dev/null 
diff --git a/contrib/docker/test/tests/image-name.sh b/contrib/docker/test/tests/image-name.sh
deleted file mode 100755
index 1842970..0000000
--- a/contrib/docker/test/tests/image-name.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-set -e
-
-# usage: ./image-name.sh librarytest/something some/image:some-tag
-# output: librarytest/something:some-image-some-tag
-
-base="$1"; shift
-tag="$1"; shift
-
-echo "$base:$(echo "$tag" | sed 's![:/]!-!g')"
diff --git a/contrib/docker/test/tests/rpcpassword/container.sh b/contrib/docker/test/tests/rpcpassword/container.sh
deleted file mode 100644
index a22ca4f..0000000
--- a/contrib/docker/test/tests/rpcpassword/container.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-set -e
-
-# Generate the password the first time
-btc_init 2>/dev/null
-eval `grep rpcpassword $HOME/.StealthCoin/StealthCoin.conf`
-rpcpassword1=$rpcpassword
-
-# Generate the password again
-rm ~/.StealthCoin/StealthCoin.conf
-btc_init 2>/dev/null
-eval `grep rpcpassword $HOME/.StealthCoin/StealthCoin.conf`
-rpcpassword2=$rpcpassword
-
-
-# Check that password looks like a auto-generated base64 random value or better
-if [ ${#rpcpassword} -lt 16 ]; then
- echo "FAIL: RPC Password does not appear long enough" >&2
- exit 1
-fi
-
-# Check that each password was at least different
-if [ "$rpcpassword1" = "$rpcpassword2" ]; then
- echo "FAIL: RPC Password does not appear to be random" >&2
- exit 2
-fi
diff --git a/contrib/docker/test/tests/rpcpassword/run.sh b/contrib/docker/test/tests/rpcpassword/run.sh
deleted file mode 120000
index 2778ad9..0000000
--- a/contrib/docker/test/tests/rpcpassword/run.sh
+++ /dev/null
@@ -1 +0,0 @@
-../run-bash-in-container.sh
\ No newline at end of file
diff --git a/contrib/docker/test/tests/run-bash-in-container.sh b/contrib/docker/test/tests/run-bash-in-container.sh
deleted file mode 100755
index ace3dfc..0000000
--- a/contrib/docker/test/tests/run-bash-in-container.sh
+++ /dev/null
@@ -1,7 +0,0 @@ -#!/bin/bash -set -e - -testDir="$(readlink -f "$(dirname "$BASH_SOURCE")")" -runDir="$(dirname "$(readlink -f "$BASH_SOURCE")")" - -source "$runDir/run-in-container.sh" "$testDir" "$1" bash ./container.sh diff --git a/contrib/docker/test/tests/run-in-container.sh b/contrib/docker/test/tests/run-in-container.sh deleted file mode 100755 index b937d4b..0000000 --- a/contrib/docker/test/tests/run-in-container.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -set -e - -# NOT INTENDED TO BE USED AS A TEST "run.sh" DIRECTLY -# SEE OTHER "run-*-in-container.sh" SCRIPTS FOR USAGE - -testDir="$1" -shift - -image="$1" -shift -entrypoint="$1" -shift - -# do some fancy footwork so that if testDir is /a/b/c, we mount /a/b and use c as the working directory (so relative symlinks work one level up) -thisDir="$(dirname "$(readlink -f "$BASH_SOURCE")")" -testDir="$(readlink -f "$testDir")" -testBase="$(basename "$testDir")" -hostMount="$(dirname "$testDir")" -containerMount="/tmp/test-dir" -workdir="$containerMount/$testBase" -# TODO should we be doing something fancy with $BASH_SOURCE instead so we can be arbitrarily deep and mount the top level always? - -newImage="$("$thisDir/image-name.sh" librarytest/run-in-container "$image--$testBase")" -"$thisDir/docker-build.sh" "$hostMount" "$newImage" < Date: Tue, 20 Apr 2021 07:51:01 +0200 Subject: [PATCH 2/2] added base image dockerfile for ci/cd pipeline --- .../docker/Dockerfile-ubuntu-20.04-pipeline | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 contrib/docker/Dockerfile-ubuntu-20.04-pipeline diff --git a/contrib/docker/Dockerfile-ubuntu-20.04-pipeline b/contrib/docker/Dockerfile-ubuntu-20.04-pipeline new file mode 100644 index 0000000..552d63c --- /dev/null +++ b/contrib/docker/Dockerfile-ubuntu-20.04-pipeline 
@@ -0,0 +1,59 @@
+FROM ubuntu:20.04 as build
+
+# install bulk of dependencies
+RUN apt-get update \
+ && apt-get upgrade -y \
+ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+ wget vim-common jq ca-certificates git cmake autoconf build-essential \
+ openssl libssl-dev doxygen libncurses5-dev \
+ libreadline-dev zlib1g-dev \
+ tcsh libbz2-dev libtool \
+ libssl-dev libprotobuf-dev \
+ protobuf-compiler pkg-config p7zip-full \
+ libcurl4-openssl-dev unzip curl python-dev \
+ libxml2-dev libxslt1-dev libkrb5-dev
+
+# install BDB and LibEvent
+ENV HOME /root
+RUN cd \
+ && mkdir -p ${HOME}/Deps/bdb \
+ && cd ${HOME}/Deps/bdb \
+ && wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz \
+ && echo '12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz' | sha256sum -c \
+ && tar xvf db-4.8.30.NC.tar.gz \
+ && cd db-4.8.30.NC/build_unix/ \
+ && sed -i 's/__atomic_compare_exchange/__atomic_compare_exchange_db/g' ../dbinc/atomic.h \
+ && ../dist/configure --disable-shared --enable-cxx --with-pic --prefix=/usr/local \
+ && make -j2 \
+ && make install
+
+# install libevent
+RUN apt-get install -y --no-install-recommends libevent-dev \
+ && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# set key environment variables
+ENV DEPS ${HOME}/Deps
+RUN cd ${DEPS}
+ENV XSTDIR ${DEPS}/stealth
+
+# build boost
+ENV BOOSTR 1
+ENV BOOSTS 65
+ENV BOOSTM 1
+ENV BOOSTP ${BOOSTR}_${BOOSTS}_${BOOSTM}
+ENV BOOSTV ${BOOSTR}.${BOOSTS}.${BOOSTM}
+ENV BUILDDIR build-xst
+ENV BOOST_ROOT ${DEPS}/boost/boost-xst
+
+RUN mkdir -p ${DEPS}/boost \
+ && wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2 \
+ && tar xvf boost_${BOOSTP}.tar.bz2 \
+ && mkdir -p ${BOOST_ROOT} \
+ && cd boost_${BOOSTP} \
+ && ./bootstrap.sh \
+ && ./b2 --prefix=$BOOST_ROOT --build-dir=${BUILDDIR} link=static install
+
+# build the stealth client
+ENV BOOST_LIB_PATH ${BOOST_ROOT}/lib
+ENV BOOST_INCLUDE_PATH ${BOOST_ROOT}/include
+ENV BOOST_LIB_SUFFIX ""
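Review bot: The Boost tarball fetched by `wget https://sourceforge.net/projects/boost/files/boost/${BOOSTV}/boost_${BOOSTP}.tar.bz2` is unpacked and built with no integrity check, while the Berkeley DB download earlier in the same file is pinned with `sha256sum -c`. Because this image is the base for the CI/CD pipeline, whatever the mirror serves gets compiled into every build; add a pinned digest right after the wget, e.g. `&& echo "<BOOST_1_65_1_SHA256>  boost_${BOOSTP}.tar.bz2" | sha256sum -c - \` (the hash is a placeholder, take the real value from the official Boost release page). Separately, `RUN cd ${DEPS}` has no effect on later layers, so the archive appears to be downloaded and built in the default working directory rather than under `${DEPS}/boost`; a `WORKDIR ${DEPS}/boost` before the download would make the location explicit.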