syft
syft copied to clipboard
anchore
Support bitnami/mysql:8.x
What would you like to be added:
Support MySQL 8.x in binary detection // Since current check target file is mysql (not mysqld), I check file - mysql in this time.
Additional context:
$ syft bitnami/mysql:8.4 | grep mysql
✔ Loaded image bitnami/mysql:8.4
✔ Parsed image sha256:4caaa8e835734a48368f180071cf416fdedec7a712f6c05c1c3a901684930910
✔ Cataloged contents fd9f3d4ed4691b2840ea58cd8a4724c74246441acf668168e4aa0d9d561d6e77
├── ✔ Packages [141 packages]
├── ✔ File digests [5,607 files]
├── ✔ File metadata [5,607 locations]
└── ✔ Executables [1,196 executables]
$ syft bitnami/mysql:8.0 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.0
✔ Parsed image sha256:a33bc1da8a94144b0233826dcc003664c4890c2ed0a38471ee775d9b30a47abe
✔ Cataloged contents 849eb46e9d7fcb381519b9a2f1d49f44fdfccb2ff01fb7b2f38ab8c4fd3f9570
├── ✔ Packages [141 packages]
├── ✔ File digests [5,607 files]
├── ✔ File metadata [5,607 locations]
└── ✔ Executables [1,017 executables]
$ docker run -it --rm bitnami/mysql:8.0 mysql --version
mysql 13:45:23.94 INFO ==>
mysql 13:45:23.94 INFO ==> Welcome to the Bitnami mysql container
mysql 13:45:23.95 INFO ==> Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 13:45:23.95 INFO ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 13:45:23.95 INFO ==> Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit https://bitnami.com/enterprise
mysql 13:45:23.95 INFO ==>
mysql Ver 8.0.38 for Linux on x86_64 (Source distribution)
$ docker run -it --rm bitnami/mysql:8.0 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '8\.0\.38'
UNKNOWN_USER
shutdown
8.0.38
mysql_real_escape_string_quote
mysql_real_escape_string
$ docker run -it --rm bitnami/mysql:8.1 mysql --version
mysql 13:48:58.97
mysql 13:48:58.97 Welcome to the Bitnami mysql container
mysql 13:48:58.97 Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 13:48:58.97 Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 13:48:58.98
mysql Ver 8.1.0 for Linux on x86_64 (Source distribution)
$ docker run -it --rm bitnami/mysql:8.1 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '8\.1\.0'
UNKNOWN_USER
shutdown
8.1.0
mysql_real_escape_string_quote
mysql_real_escape_string
$ docker run -it --rm bitnami/mysql:8.2 mysql --version
mysql 13:50:11.32 INFO ==>
mysql 13:50:11.32 INFO ==> Welcome to the Bitnami mysql container
mysql 13:50:11.32 INFO ==> Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 13:50:11.33 INFO ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 13:50:11.33 INFO ==>
mysql Ver 8.2.0 for Linux on x86_64 (Source distribution)
$ docker run -it --rm bitnami/mysql:8.2 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '8\.2\.0'
UNKNOWN_USER
shutdown
8.2.0
mysql_real_escape_string_quote
mysql_real_escape_string
$ docker run -it --rm bitnami/mysql:8.3 mysql --version
mysql 13:51:13.87 INFO ==>
mysql 13:51:13.87 INFO ==> Welcome to the Bitnami mysql container
mysql 13:51:13.88 INFO ==> Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 13:51:13.88 INFO ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 13:51:13.88 INFO ==> Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit https://bitnami.com/enterprise
mysql 13:51:13.88 INFO ==>
mysql Ver 8.3.0 for Linux on x86_64 (Source distribution)
$ docker run -it --rm bitnami/mysql:8.3 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '8\.3\.0'
mysql_change_user
UNKNOWN_USER
8.3.0
mysql_real_escape_string_quote
mysql_real_escape_string
$ docker run -it --rm bitnami/mysql:8.4 mysql --version
mysql 13:52:44.91 INFO ==>
mysql 13:52:44.91 INFO ==> Welcome to the Bitnami mysql container
mysql 13:52:44.92 INFO ==> Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 13:52:44.92 INFO ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 13:52:44.92 INFO ==> Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit https://bitnami.com/enterprise
mysql 13:52:44.92 INFO ==>
mysql Ver 8.4.1 for Linux on x86_64 (Source distribution)
$ docker run -it --rm bitnami/mysql:8.4 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '8\.4\.1'
shutdown
SHOW PROCESSLIST
8.4.1
mysql_real_escape_string_quote
mysql_real_escape_string
9.x may be same status
$ syft bitnami/mysql:9.0 | grep mysql
✔ Loaded image bitnami/mysql:9.0
✔ Parsed image sha256:852a5f421e215520df9bdb43cafda02eaa265e5edc1d572323fd
✔ Cataloged contents 2b1aa5928ee0f57620f4de8f4b82ab8934d235a4623d4cfb1d98d88c394
├── ✔ Packages [141 packages]
├── ✔ File digests [5,607 files]
├── ✔ File metadata [5,607 locations]
└── ✔ Executables [1,199 executables]
$
$ docker run -it --rm bitnami/mysql:9.0 mysql --version
mysql 11:48:06.47 INFO ==>
mysql 11:48:06.47 INFO ==> Welcome to the Bitnami mysql container
mysql 11:48:06.48 INFO ==> Subscribe to project updates by watching https://github.com/bitnami/containers
mysql 11:48:06.48 INFO ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
mysql 11:48:06.48 INFO ==> Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit https://bitnami.com/enterprise
mysql 11:48:06.48 INFO ==>
mysql Ver 9.0.0 for Linux on x86_64 (Source distribution)
$
$ docker run -it --rm bitnami/mysql:9.0 strings /opt/bitnami/mysql/bin/mysql | grep -C 2 -E '9\.0\.0'
shutdown
SHOW PROCESSLIST
9.0.0
mysql_real_escape_string_quote
mysql_real_escape_string
This seems solved by https://github.com/anchore/syft/pull/3142
$ syft bitnami/mysql:8.4 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.4
✔ Parsed image sha256:556d0e7888549e24a4b7120e6247001309ed3bfd41ebf5c35e8e033c64
✔ Cataloged contents 0059f9b867c2e86c0fb920ba4f588f5c1be1e0776e54cdf267bb543a16f79ba3
├── ✔ Packages [142 packages]
├── ✔ File digests [5,606 files]
├── ✔ File metadata [5,606 locations]
└── ✔ Executables [1,196 executables]
mysql 8.4.2 binary
$ syft bitnami/mysql:8.3 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.3
✔ Parsed image sha256:58ac7a6089f53f6eb1e65c451845251941a3ed90e833c36a482254089b
✔ Cataloged contents 2a5a13df7c978b65d71c03f42d5a2604ef60de8d7452a6c75cad45bcacb2a65c
├── ✔ Packages [142 packages]
├── ✔ File digests [5,607 files]
├── ✔ File metadata [5,607 locations]
└── ✔ Executables [1,024 executables]
mysql 8.3.0 binary
$ syft bitnami/mysql:8.2 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.2
✔ Parsed image sha256:d54c1766e3c35a49e32329a26e0d277f1ffd8c5f57230720405bfd2e2b
✔ Cataloged contents fc8257e191159424149382d8394a5ebb7e1e016f3250eb5d184cf022a02d07e8
├── ✔ Packages [130 packages]
├── ✔ File digests [4,019 files]
├── ✔ File metadata [4,019 locations]
└── ✔ Executables [952 executables]
mysql 8.2.0 binary
$ syft bitnami/mysql:8.1 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.1
✔ Parsed image sha256:a278050d6dc11923324efbe21e0df0ed21afe9a69fa71c7e6ee2c845b8
✔ Cataloged contents 951036140c9433b5d100c350c991c8380ee6354d09d8e6d0cdf1d1674ef85ce1
├── ✔ Packages [130 packages]
├── ✔ File digests [4,019 files]
├── ✔ File metadata [4,019 locations]
└── ✔ Executables [951 executables]
mysql 8.1.0 binary
$ syft bitnami/mysql:8.0 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:8.0
✔ Parsed image sha256:c6fe3caf069ac46f8fbc03a6e79e2bf9794c026028cadc2542e19daec2
✔ Cataloged contents 3cd35084254821421ef6c79669959b1fdbf1d32af9e89df27aaa5f725e2c4b1e
├── ✔ Packages [142 packages]
├── ✔ File digests [5,606 files]
├── ✔ File metadata [5,606 locations]
└── ✔ Executables [1,017 executables]
mysql 8.0.39 binary
$ syft bitnami/mysql:9.0 | grep mysql
✔ Pulled image
✔ Loaded image bitnami/mysql:9.0
✔ Parsed image sha256:df5236cf1881c56fb3ed522f32d0bb28c880af2feddf426dd6176e2f6c
✔ Cataloged contents 57df709bf91b3d9a311073734d12ca78057d2ace96e50928e8174aff706d5f8c
├── ✔ Packages [142 packages]
├── ✔ File digests [5,606 files]
├── ✔ File metadata [5,606 locations]
└── ✔ Executables [1,199 executables]
mysql 9.0.1 binary