open-balena-vpn
open-balena-vpn copied to clipboard
Upgrade base image version to patch vulnerabilities
Summary:
The currently used version of the open-balena-base
image has the following vulnerabilities. Upgrading the version to the latest will solve them.
Issue Is:
+--------------+------------------+----------+------------------------------+------------------------------+---------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+--------------+------------------+----------+------------------------------+------------------------------+---------------------------------------+
| bind9-host | CVE-2021-25215 | HIGH | 1:9.11.5.P4+dfsg-5.1+deb10u3 | 1:9.11.5.P4+dfsg-5.1+deb10u5 | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| libbind9-161 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| libdns1104 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| libisc1100 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| libisccc161 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| libisccfg163 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+ + + +---------------------------------------+
| liblwres161 | CVE-2021-25215 | | | | bind: An assertion check |
| | | | | | can fail while answering |
| | | | | | queries for DNAME records... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25215 |
+ +------------------+ + + +---------------------------------------+
| | CVE-2021-25216 | | | | bind: Vulnerability in |
| | | | | | BIND's GSSAPI security policy |
| | | | | | negotiation can be targeted by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-25216 |
+--------------+------------------+----------+------------------------------+------------------------------+---------------------------------------+