timescaledb-docker-ha

Reporting vulnerability in timescale/timescaledb-ha

Open anshulgangrade opened this issue 8 months ago • 7 comments

Name and Version

timescale/timescaledb-ha:pg14.5-ts2.8.0-p1

What steps will reproduce the bug?

Posting it here as I could not report the security vulnerability as an issue due to the policy.

We are running a Trivy scan to find vulnerabilities in the timescaledb container. We see many CVEs reported on Ubuntu, as below. Please suggest how to fix it.

.\trivy image --format template --template "@contrib/html.tpl" -o timescale_report.html timescale/timescaledb-ha:pg14.5-ts2.8.0-p1 --ignore-unfixed


What is the expected behavior?

$ trivy image timescale/timescaledb-ha:pg14.5-ts2.8.0-p1 --ignore-unfixed

Attached is the report in PDF. Expected behavior is to have 0 vulnerabilities.

timescale_timescaledb-ha_pg14.5-ts2.8.0-p1.pdf

Additional information

How to remediate the CVEs reported

anshulgangrade, May 28 '24 19:05
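
Added example, not part of the issue or the project's own code: one way to turn the findings of a scan like the one above into a per-package upgrade list, reading the report written with `--format json` instead of the HTML template. The sample report, package names, versions and CVE ids are constructed placeholders, and applying the upgrades at image rebuild time with `apt-get` is an assumption about how the image would be patched.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `trivy image --format json` output.
# Package names, versions and CVE ids are placeholders, not taken from the real report.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "timescale/timescaledb-ha:pg14.5-ts2.8.0-p1",
    "Results": [
        {"Target": "example (ubuntu)", "Class": "os-pkgs", "Type": "ubuntu",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample1",
              "InstalledVersion": "1.0-1", "FixedVersion": "1.0-1ubuntu0.1", "Severity": "HIGH"},
             {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libexample1",
              "InstalledVersion": "1.0-1", "FixedVersion": "1.0-1ubuntu0.2", "Severity": "MEDIUM"},
             {"VulnerabilityID": "CVE-0000-0003", "PkgName": "exampletool",
              "InstalledVersion": "2.3-4", "FixedVersion": "", "Severity": "LOW"},
         ]},
        # A target with no findings may omit the Vulnerabilities key entirely.
        {"Target": "usr/local/bin/example", "Class": "lang-pkgs", "Type": "gobinary"},
    ],
})

RANK = {s: i for i, s in enumerate(["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"])}

def fixable_by_package(report_json):
    """Group findings that have a fixed version by (result class, package name)."""
    grouped = defaultdict(lambda: {"cves": [], "fixed": set(), "installed": None,
                                   "severity": "UNKNOWN"})
    for result in json.loads(report_json).get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if not vuln.get("FixedVersion"):
                continue  # same filter as --ignore-unfixed: no patched package exists yet
            entry = grouped[(result.get("Class", ""), vuln["PkgName"])]
            entry["cves"].append(vuln["VulnerabilityID"])
            entry["fixed"].add(vuln["FixedVersion"])
            entry["installed"] = vuln.get("InstalledVersion")
            sev = vuln.get("Severity", "UNKNOWN")
            if RANK.get(sev, 0) > RANK[entry["severity"]]:
                entry["severity"] = sev  # keep the worst severity seen for the package
    return dict(grouped)

def os_packages_to_upgrade(grouped):
    """OS packages (Class 'os-pkgs') with at least one fixable finding."""
    return sorted(pkg for (cls, pkg) in grouped if cls == "os-pkgs")

if __name__ == "__main__":
    groups = fixable_by_package(SAMPLE_REPORT)
    for (cls, pkg), e in sorted(groups.items()):
        print(cls, pkg, e["severity"], e["installed"], "->", sorted(e["fixed"]), e["cves"])
    print("apt-get install --only-upgrade " + " ".join(os_packages_to_upgrade(groups)))
```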