Przemyslaw Roguski

icon company Red Hat icon location Principal Security Engineer at Red Hat

Results 4 comments of Przemyslaw Roguski

config: base GID must be present in the supplementary GIDs array

thank you @neersighted for opening this PR

False positives for packages installed from RH EUS streams

The crucial step in the rpm fixes identification is finding the package source repository. Knowing the repository for the particular rpm package you can use the [repository-to-cpe](https://www.redhat.com/security/data/metrics/repository-to-cpe.json) to find the...

Add support for image digests

There is a few options on how image digest can be converted to the container repository and tag. Dumping the full list of all images' digest from the catalog and...

Way to document the stream or cpe that an image belongs to?

In my humble opinion the best place to combine image artifacts with product stream (supported version) where that image belongs to is the image SBOM. In the SBOM container image...