Skip to content

Vulnerability patch in singleuser-sample #3671

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 7, 2025
Merged

Vulnerability patch in singleuser-sample #3671

merged 1 commit into from
Aug 7, 2025

Conversation

@jupyterhub-bot
Copy link
Collaborator

@jupyterhub-bot jupyterhub-bot commented May 19, 2025
edited
Loading

A rebuild of quay.io/jupyterhub/k8s-singleuser-sample has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.

About

This scan for known vulnerabilities has been made by aquasecurity/trivy. Trivy was configured to filter the vulnerabilities with the following settings:

  • ignore-unfixed: true

Before

Before trying to rebuild the image, the following vulnerabilities was detected in quay.io/jupyterhub/k8s-singleuser-sample:4.2.1-0.dev.git.7099.h1b44b8bd.

Target Vuln. ID Package Name Installed v. Fixed v.
debian CVE-2025-32988 libgnutls30 3.7.9-2+deb12u4 3.7.9-2+deb12u5
debian CVE-2025-32989 libgnutls30 3.7.9-2+deb12u4 3.7.9-2+deb12u5
debian CVE-2025-32990 libgnutls30 3.7.9-2+deb12u4 3.7.9-2+deb12u5
debian CVE-2025-6395 libgnutls30 3.7.9-2+deb12u4 3.7.9-2+deb12u5

After

Target Vuln. ID Package Name Installed v. Fixed v.

@jupyterhub-bot jupyterhub-bot added the image:rebuild-to-patch-vuln Image rebuild to patch a known external vulnerability label May 19, 2025
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch 2 times, most recently from c6657f2 to 8002820 Compare June 2, 2025 05:08
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from 8002820 to ad895e5 Compare June 9, 2025 05:08
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from ad895e5 to 9b8f4cb Compare June 16, 2025 05:09
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch 2 times, most recently from 081622f to 271e17b Compare July 1, 2025 08:08
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from 271e17b to 39163f7 Compare July 7, 2025 05:09
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from 39163f7 to 747600c Compare July 14, 2025 05:11
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from 747600c to d8ba833 Compare July 21, 2025 05:12
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch 2 times, most recently from 572a719 to 2729631 Compare August 1, 2025 07:11
@jupyterhub-bot jupyterhub-bot force-pushed the vuln-scan-singleuser-sample branch from 2729631 to 472e8e6 Compare August 4, 2025 05:19
@minrk minrk merged commit c400f2e into main Aug 7, 2025
16 checks passed
@minrk minrk deleted the vuln-scan-singleuser-sample branch August 7, 2025 18:19
consideRatio pushed a commit to jupyterhub/helm-chart that referenced this pull request Aug 7, 2025
[jupyterhub] Automatic update for commit 4.2.1-0.dev.git.7119.hc400f2eb
7d58a4d 
jupyterhub/zero-to-jupyterhub-k8s#3671 Merge pull request #3671 from jupyterhub/vuln-scan-singleuser-sample
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@consideRatio consideRatio Awaiting requested review from consideRatio

Assignees

No one assigned

Labels

image:rebuild-to-patch-vuln Image rebuild to patch a known external vulnerability

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jupyterhub-bot @minrk