This repository has been archived by the owner on Oct 12, 2022. It is now read-only.

Allowlist CVE-2020-28928 as it's resolved in musl 1.2.2 and being flagged
myoung34 committed Apr 4, 2021
1 parent 4e644d5 commit 4b6f5ff
Showing 3 changed files with 5 additions and 1 deletion.
3 changes: 3 additions & 0 deletions .claire.yml
@@ -0,0 +1,3 @@
generalwhitelist:
# musl 1.2.2 resolves -> A buffer overflow (CVE-2020-28928) in wcsnrtombs has been fixed with the function essentially rewritten
CVE-2020-28928: musl
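Review bot: The `CVE-2020-28928: musl` entry under `generalwhitelist` suppresses the finding unconditionally, while the comment's justification depends on the image actually shipping musl 1.2.2 or later. Nothing in this file ties the exception to that version, so a later base image change that brings in an older musl would pass the scan silently. Suggest recording in the comment which base image and musl version were checked, and removing the entry once the scanner stops flagging the fixed version.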
1 change: 1 addition & 0 deletions .dockerignore
Expand Up @@ -4,3 +4,4 @@ Dockerfile
Makefile
.git
LICENSE
.claire.yml
2 changes: 1 addition & 1 deletion .github/workflows/sast.yml
Expand Up @@ -34,7 +34,7 @@ jobs:
- name: Build
run: docker build -t myoung34/tilty:latest .
- name: Test
run: ./clair-scanner --ip $(ip -f inet addr show eth0 | grep -Po 'inet \K[\d.]+') myoung34/tilty:latest
run: ./clair-scanner -w .claire.yml --ip $(ip -f inet addr show eth0 | grep -Po 'inet \K[\d.]+') myoung34/tilty:latest
bandit:
runs-on: ubuntu-latest
strategy:
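Review bot: On the new `run:` line of the Test step, `-w .claire.yml` is a relative path, so the allowlist is only picked up when the step runs from the repository root, and the file is spelled `.claire.yml` while the tool is `clair-scanner`, which invites a mistyped path in a later edit. Suggest renaming the file to match the tool, or adding a `test -f .claire.yml` before the scan so a missing file fails the job visibly. Separately, the `$(ip -f inet addr show eth0 | grep -Po ...)` substitution is unquoted and unchecked: if it returns nothing, `--ip` would take the image name as its value. Assigning it to a variable and failing when it is empty would make that case explicit.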