Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 649
    • Issues 649
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 180
    • Merge Requests 180
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Issues
  • #9067

Closed
Open
Opened Jul 09, 2018 by algitbot@rootOwner
  • Report abuse
  • New issue
Report abuse New issue

Package name error in alpine-secdb

Hi,

https://git.alpinelinux.org/cgit/alpine-secdb/tree/v3.7/main.yaml\#n397 says there are two CVEs open on package libressl prior to 2.6.5-r0 in Alpine 3.7 (and certainly earlier, I haven’t checked). However, Alpine 3.7 does not have a package named exactly libressl; it has two packages, named libressl2.6-libcrypto and libressl2.6-libssl. The version of those packages in the instances I see is 2.6.3-r0, thus concerned by the CVE.

This difference in naming means that the Clair security scanner does not detect that there is a concern on these images and that they should be updated.

(from redmine: issue id 9067, created on 2018-07-09, closed on 2018-07-13)

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
3.7.1
Milestone
3.7.1 (Past due)
Assign milestone
Time tracking
None
Due date
None
4
Labels
High Rejected tag:security type:bug
Assign labels
  • View project labels
Reference: alpine/aports#9067