@weiliang-ms commented Aug 22, 2023

  1. Fixes security vulnerabilities in older versions.
  • old version

```
$ trivy image kubesphere/java8-runtime:v3.2.0 --skip-db-update
2023-08-22T02:27:39.470-0400    INFO    Vulnerability scanning is enabled
2023-08-22T02:27:39.470-0400    INFO    Secret scanning is enabled
2023-08-22T02:27:39.470-0400    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-22T02:27:39.470-0400    INFO    Please see also https://aquasecurity.github.io/trivy/v0.44/docs/scanner/secret/#recommendation for faster secret detection
2023-08-22T02:27:41.678-0400    INFO    Detected OS: alpine
2023-08-22T02:27:41.678-0400    INFO    Detecting Alpine vulnerabilities...
2023-08-22T02:27:41.711-0400    INFO    Number of language-specific files: 0
2023-08-22T02:27:41.772-0400    WARN    This OS version is no longer supported by the distribution: alpine 3.9.4
2023-08-22T02:27:41.773-0400    WARN    The vulnerability detection may be insufficient because security updates are not provided

kubesphere/java8-runtime:v3.2.0 (alpine 3.9.4)

Total: 274 (UNKNOWN: 0, LOW: 140, MEDIUM: 98, HIGH: 32, CRITICAL: 4)
```

  • new version

```
$ trivy image kubesphere/java8-runtime:v3.2.0-new --skip-db-update
2023-08-22T02:40:43.293-0400    INFO    Vulnerability scanning is enabled
2023-08-22T02:40:43.293-0400    INFO    Secret scanning is enabled
2023-08-22T02:40:43.293-0400    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-22T02:40:43.293-0400    INFO    Please see also https://aquasecurity.github.io/trivy/v0.44/docs/scanner/secret/#recommendation for faster secret detection
2023-08-22T02:40:52.152-0400    INFO    JAR files found
2023-08-22T02:40:52.210-0400    INFO    Analyzing JAR files takes a while...
2023-08-22T02:40:52.416-0400    INFO    Detected OS: alpine
2023-08-22T02:40:52.416-0400    INFO    Detecting Alpine vulnerabilities...
2023-08-22T02:40:52.441-0400    INFO    Number of language-specific files: 0

kubesphere/java8-runtime:v3.2.0-new (alpine 3.18.3)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
```

  2. Bump tomcat from 8.5.32 to 8.5.92.

Fixes security vulnerabilities in older versions.

@ks-ci-bot added the size/XS label (Denotes a PR that changes 0-9 lines, ignoring generated files.) Aug 22, 2023

@weiliang-ms
Author

/assign @LinuxSuRen

@ks-ci-bot
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: weiliang-ms
To complete the pull request process, please ask for approval from linuxsuren after the PR has been reviewed.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ks-ci-bot added the size/S label (Denotes a PR that changes 10-29 lines, ignoring generated files.) and removed the size/XS label (Denotes a PR that changes 0-9 lines, ignoring generated files.) Aug 22, 2023

@weiliang-ms changed the title from "Bump jdk from 1.8.0_212 to 1.8.0_382" to "Upgrade tomcat and jdk" Aug 22, 2023