[Snyk] Security upgrade ubuntu from rolling to 22.10 #11389

Merged: 3 commits, Apr 22, 2023

@glenn-jocher glenn-jocher commented Apr 19, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • utils/docker/Dockerfile-cpu

We recommend upgrading to ubuntu:22.10, as this image has only 7 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Issue | Exploit Maturity |
| --- | --- | --- |
| medium severity | Information Exposure SNYK-UBUNTU2210-GNUTLS28-3319585 | No Known Exploit |
| medium severity | Resource Exhaustion SNYK-UBUNTU2210-SYSTEMD-3148007 | No Known Exploit |
| medium severity | Resource Exhaustion SNYK-UBUNTU2210-SYSTEMD-3148007 | No Known Exploit |
| medium severity | CVE-2022-4415 SNYK-UBUNTU2210-SYSTEMD-3180315 | No Known Exploit |
| medium severity | Out-of-bounds Read SNYK-UBUNTU2210-TAR-3261142 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Resource Exhaustion

🛠️ PR Summary

Made with ❤️ by Ultralytics Actions

🌟 Summary

Update Dockerfile base images to Ubuntu 22.10 for ARM64 and CPU architectures.

📊 Key Changes

  • Changed the base image from arm64v8/ubuntu:rolling to arm64v8/ubuntu:22.10 in Dockerfile-arm64.
  • Changed the base image from ubuntu:rolling to ubuntu:22.10 in Dockerfile-cpu.

🎯 Purpose & Impact

  • Ensures compatibility and security by using a specific Ubuntu release.
  • Reduces potential issues related to using a rolling version which can introduce breaking changes.
  • Helps users with ARM64 architectures, such as Apple M1, Jetson Nano, and Raspberry Pi, and those who run CPU-optimized Docker containers with more stable and predictable environments. 🚀🛠️

@glenn-jocher glenn-jocher merged commit 3e14883 into master Apr 22, 2023
6 checks passed
@glenn-jocher glenn-jocher deleted the snyk-fix-f0f134b5f11deaf5e04b4f3e6a161f60 branch April 22, 2023 23:49
bandakopi pushed a commit to irajcode/yolov5 that referenced this pull request Jul 20, 2023
* fix: utils/docker/Dockerfile-cpu to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UBUNTU2210-GNUTLS28-3319585
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-3148007
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-3148007
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-3180315
- https://snyk.io/vuln/SNYK-UBUNTU2210-TAR-3261142

* Update Dockerfile-arm64

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>

---------

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
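
The change merged here replaces a floating base-image tag (`ubuntu:rolling`) with a release tag (`ubuntu:22.10`). As an added example, not code from this PR or the repository, the following check flags `FROM` lines whose base image can drift; the `FLOATING_TAGS` set, the function names and the sample Dockerfile text are assumptions made for illustration.

```python
import re

# Assumption: tags treated as floating, i.e. they move to a newer release over time.
FLOATING_TAGS = {"latest", "rolling", "devel", "stable", "edge"}

FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<image>\S+)(?:\s+AS\s+(?P<alias>\S+))?\s*$", re.I)

def split_ref(image):
    """Split an image reference into (name, tag, digest)."""
    name, _, digest = image.partition("@")
    tag = None
    # Only a colon in the last path component is a tag; earlier ones are registry ports.
    if ":" in name.rsplit("/", 1)[-1]:
        name, _, tag = name.rpartition(":")
    return name, tag, digest or None

def audit_dockerfile(text):
    """Return [(line_no, image, reason)] for FROM lines whose base image can drift."""
    findings, stages = [], set()
    for line_no, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image, alias = m.group("image"), m.group("alias")
        is_stage = image.lower() in stages
        if alias:
            stages.add(alias.lower())
        if is_stage or image.lower() == "scratch":
            continue  # earlier build stage or the empty base image
        _, tag, digest = split_ref(image)
        if digest:
            continue  # pinned by content digest
        if tag is None:
            findings.append((line_no, image, "no tag (implicit latest)"))
        elif tag.lower() in FLOATING_TAGS:
            findings.append((line_no, image, f"floating tag '{tag}'"))
    return findings

# Constructed sample input; the digest is a placeholder, not a real image digest.
SAMPLE = "\n".join([
    "FROM ubuntu:rolling",
    "FROM arm64v8/ubuntu:22.10",
    "FROM --platform=linux/arm64 registry.example:5000/ubuntu AS build",
    "FROM build",
    "FROM ubuntu:latest@sha256:" + "0" * 64,
])

if __name__ == "__main__":
    print(audit_dockerfile(SAMPLE))
```

A release tag such as `22.10` is still republished when the image is rebuilt, so only a digest reference is fully immutable.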