openSUSE 15 Backports: 2022:10081-1 Moderate: trivy Security Flaw
opensuse
August 6, 2022
An update that fixes one vulnerability is now available
Description
This update for trivy fixes the following issues:
trivy was updated to version 0.30.4:
* fix: remove the first arg when running as a plugin (#2595)
* fix: k8s controlplaner scanning (#2593)
* fix(vuln): GitLab report template (#2578)
Update to version 0.30.3:
* fix(server): use a new db worker for hot updates (#2581)
* docs: add trivy with download-db-only flag to Air-Gapped Environment
(#2583)
* docs: split commands to download db for different versions of oras
(#2582)
* feat(report): export exitcode for license checks (#2564)
* fix: cli can use lowercase for severities (#2565)
* fix: allow subcommands with TRIVY_RUN_AS_PLUGIN (#2577)
* fix: add missing types in TypeOSes and TypeLanguages in analyzer (#2569)
* fix: enable some features of the wasm runtime (#2575)
* fix(k8s): no error logged if trivy can't get docker image in kubernetes
mode (#2521)
* docs(sbom): improve sbom attestation documentation (#2566)
...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10081=1
Package List
- openSUSE Backports SLE-15-SP4 (aarch64 i586 s390x x86_64):
trivy-0.30.4-bp154.2.6.1
References
https://www.suse.com/security/cve/CVE-2022-1996.html
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2022:10081-1
Rating: moderate
Affected Products:
openSUSE Backports SLE-15-SP4
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!