sbs
sbs
Old behaviour ``` ❯ sudo cscli collection install crowdsecurity/apache2 crowdsecurity/ …security/apache2 …security/freebsd …security/mariadb …security/odoo …security/traefik ``` New behaviour ``` ❯ sudo cscli collection install crowdsecurity/apache2 crowdsecurity/ …security/asterisk …security/haproxy …security/modsecurity …security/opnsense...
**Describe the bug** When crowdsec agent is reloaded, it leaks 1 go routine. This happens only when crowdsec is logging to a file. This leak is related to lumberjack at...
Consider there are some elements in a nft set (some are CIDR ranges). By doing ``` nft get element x y { 1.1.1.1 } table ip x { set m...
Deploying without any guards against API spam, is a bad idea. Especially since we need to do quite a work and API payload is big.
Currently sig-security has a draft KEP [here](https://docs.google.com/document/d/1qPDlEX0aSd071oW3GGYmE_hliuL2Qg_f/edit) for creating structured feeds for k8s vulnerabilities. It would be great if osv could consume this feed when implemented. Relevant ticket at https://github.com/kubernetes/sig-security/issues/1
#### What would you like to be added: Currently the external reference for a detected package is only the corresponding package's PURL. We should also provide the CPE for this...
SLSA noob here, so maybe it's a stupid question. From reading the docs I didn't see a tool which could help with determining the SLSA level of some project. So...
Link: https://github.com/kubernetes-sigs/bom It outputs bill of materials with purl references.