You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@camel.apache.org by "ajbisht (via GitHub)" <gi...@apache.org> on 2023/07/14 11:26:48 UTC

[GitHub] [camel-k] ajbisht opened a new issue, #4581: Image Vulnerability of Go package

ajbisht opened a new issue, #4581:
URL: https://github.com/apache/camel-k/issues/4581

   Hi
   
   Please let me know when will be the next release of Camel K image will come as there is a critical vulnerability of Go package in 1.12.0 version


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] squakez commented on issue #4581: Image Vulnerability of Go package

Posted by "squakez (via GitHub)" <gi...@apache.org>.

squakez commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1635782806

   We're planning to release Camel K 2 very soon. Stay tuned.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] claudio4j commented on issue #4581: Image Vulnerability of Go package

Posted by "claudio4j (via GitHub)" <gi...@apache.org>.

claudio4j commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1649896992

   @ajbisht how do you see the image vulnerability ? 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] ajbisht commented on issue #4581: Image Vulnerability of Go package

Posted by "ajbisht (via GitHub)" <gi...@apache.org>.

ajbisht commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1649889811

   Hi,
   
   Camel 2.0 has the same vulnerabilities. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4581: Image Vulnerability of Go package

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1635725533

   There is a 1.12.1 release already


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] ajbisht commented on issue #4581: Image Vulnerability of Go package

Posted by "ajbisht (via GitHub)" <gi...@apache.org>.

ajbisht commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1649903523

   @claudio4j  There is a Prisma Cloud Twistlock Image scanner in the Clients Infrastructure. 
    So when we try to push  the Public Docker image to nexus private registry, Jenkins sends scanning request for the public image and if we have Critical and High Vulnerabilities , Jenkins fails the pipeline.
   
   @squakez Thanks. Will send the email with details.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Image Vulnerability of Go package [camel-k]

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1780227870

   This issue has been automatically marked as stale due to 90 days of inactivity.
   It will be closed if no further activity occurs within 15 days.
   If you think that’s incorrect or the issue should never stale, please simply write any comment.
   Thanks for your contributions!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] ajbisht commented on issue #4581: Image Vulnerability of Go package

Posted by "ajbisht (via GitHub)" <gi...@apache.org>.

ajbisht commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1635736163

   sorry my bad Vulnerabilities are in 1.12.1 only 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] squakez commented on issue #4581: Image Vulnerability of Go package

Posted by "squakez (via GitHub)" <gi...@apache.org>.

squakez commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1651080138

   Hi @ajbisht I think that one won't work as you need to be subscribed to lists before. You should follow the guidelines to [report a security issue](https://camel.apache.org/community/support/#reporting-security-issues). Please, provide all information over there and we'll be notify by the security team accordingly. Thanks!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Image Vulnerability of Go package [camel-k]

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] closed issue #4581: Image Vulnerability of Go package
URL: https://github.com/apache/camel-k/issues/4581


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] squakez commented on issue #4581: Image Vulnerability of Go package

Posted by "squakez (via GitHub)" <gi...@apache.org>.

squakez commented on issue #4581:
URL: https://github.com/apache/camel-k/issues/4581#issuecomment-1649899803

   @ajbisht please, send an email to private@camel.apache.org in order to provide all details related to the vulnerability you're referring to. Thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org