zhangguanzhang
zhangguanzhang
我看了下行为是没问题的 例如目录dir1下有三个file 1 2 3,那下载压缩包里根目录就是 1 2 3三个文件。 如果dir1下你再增加一个目录dir2,dir下有456三个文件,那下载dir1的压缩包内就是 ``` file1 file2 file3 dir2/file4 dir2/file5 dir2/file6 ```
@chrisohaver PTAL
> I think that [CVE-2024-24789](https://github.com/advisories/GHSA-236w-p7wf-5ph8) is not applicable. Is [CVE-2024-24790](https://github.com/advisories/GHSA-49gw-vxvf-fc2g) a problem? Probably not, I don't think that CoreDNS has some logic around the vulnerable functions (feel free to pinpoint...
> I am not the author of CoreDNS and not (yet) a contributor, so I speak for myself. > > > coredns is used by many people, and security-conscious users...
https://github.com/zhangguanzhang/netshoot
可以的,根据Descriptor和FieldDescriptor
maybe update to ``` registry.k8s.io/build-image/distroless-iptables:v0.5.2 ```
> Can you link info why upgrading iptables will fix those Vuln issues? Latest version for iptables is v0.5.6 https://pkg.go.dev/github.com/docker/libnetwork/iptables ``` # skopeo list-tags docker://registry.k8s.io/build-image/distroless-iptables { "Repository": "registry.k8s.io/build-image/distroless-iptables", "Tags": [...
@kl52752 ``` [root@guan ~]# trivy image registry.k8s.io/build-image/distroless-iptables:v0.4.1 2024-03-27T19:11:26.860+0800 INFO Vulnerability scanning is enabled 2024-03-27T19:11:26.860+0800 INFO Secret scanning is enabled 2024-03-27T19:11:26.860+0800 INFO If your scanning is slow, please try '--scanners vuln'...
> thanks, can you also run `trivy image` for iptables v0.5.2 image? `HIGH: 0, CRITICAL: 0` ``` [root@guan ~]# trivy image registry.k8s.io/build-image/distroless-iptables:v0.5.2 2024-03-27T19:58:42.924+0800 INFO Vulnerability scanning is enabled 2024-03-27T19:58:42.924+0800 INFO...