Skip to content

v1.2.0 images fail vulnerability scan #3740

New issue
New issue
Closed
#3741
Closed
v1.2.0 images fail vulnerability scan#3740
#3741
Labels
kind/bugCategorizes issue or PR as related to a bug.
@teejaded

Description

@teejaded
teejaded
opened on Mar 4, 2021

Describe the bug:

All the recently released v1.2.0 images are showing an issue with tzdata out of date.

Image 'cert-manager-acmesolver-amd64:v1.2.0' was last scanned on Thu Mar  4 20:14:45 UTC 2021
The scan results show that 3 ISSUES were found for the image.

Vulnerable Packages Found
=========================

Vulnerability ID   Policy Status   Affected Packages   How to Resolve
DLA-2542-1         Active          tzdata              Upgrade tzdata to >= 2021a-0+deb9u1
DLA-2509-1         Active          tzdata              Upgrade tzdata to >= 2021a-0+deb9u1
DLA-2424-1         Active          tzdata              Upgrade tzdata to >= 2021a-0+deb9u1

-->

Expected behaviour:

No out of date packages.

Anything else we need to know?:

Environment details::

  • Kubernetes version: v1.18
  • Cloud-provider/provisioner: IKS
  • cert-manager version: v1.2.0
  • Install method: helm

/kind bug

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions