fix: Update node version, reduce CVE's #269

jweak · 2024-04-17T11:33:57Z

Customer reported vulnerability CVE-2023-4911 is found in bored-agent

This is not present in node:18-bullseye-slim

Running trivy with old vs new:

OLD node:16-bullseye-slim:

quay.io/k8slens/bored-agent:0.11.0 (debian 11.7)
================================================
Total: 150 (UNKNOWN: 0, LOW: 76, MEDIUM: 39, HIGH: 33, CRITICAL: 2)

Node.js (node-pkg)
==================
Total: 8 (UNKNOWN: 0, LOW: 0, MEDIUM: 7, HIGH: 1, CRITICAL: 0)

NEW node:18-bullseye-slim:

new-bored:latest (debian 11.9)
==============================
Total: 128 (UNKNOWN: 0, LOW: 74, MEDIUM: 32, HIGH: 20, CRITICAL: 2)

Node.js (node-pkg)
==================
Total: 3 (UNKNOWN: 0, LOW: 0, MEDIUM: 3, HIGH: 0, CRITICAL: 0)

Installed locally built image to a cluster and tested the connection through spaces. Worked fine.

Fixes https://github.com/lensapp/lens-desktop-monorepo/issues/2326

Signed-off-by: Juho Heikka <[email protected]>

fix: Update node version, reduce CVE's

f6254f5

Signed-off-by: Juho Heikka <[email protected]>

jweak added bug Something isn't working docker Pull requests that update Docker code labels Apr 17, 2024

jweak requested review from jakolehm and a team April 17, 2024 11:33

aleksfront approved these changes Apr 17, 2024

View reviewed changes

jweak merged commit ae94469 into main Apr 18, 2024
3 checks passed

jweak deleted the update-node-image branch April 18, 2024 05:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: Update node version, reduce CVE's #269

fix: Update node version, reduce CVE's #269

jweak commented Apr 17, 2024 •

edited

Loading

fix: Update node version, reduce CVE's #269

fix: Update node version, reduce CVE's #269

Conversation

jweak commented Apr 17, 2024 • edited Loading

jweak commented Apr 17, 2024 •

edited

Loading