Skip to content

Vulnerability patch in hub #3684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 1, 2025
Merged

Vulnerability patch in hub #3684

merged 1 commit into from
Jun 1, 2025

Conversation

jupyterhub-bot
Copy link
Collaborator

A rebuild of quay.io/jupyterhub/k8s-hub has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.

About

This scan for known vulnerabilities has been made by aquasecurity/trivy. Trivy was configured to filter the vulnerabilities with the following settings:

  • ignore-unfixed: true

Before

Before trying to rebuild the image, the following vulnerabilities was detected in quay.io/jupyterhub/k8s-hub:4.2.1-0.dev.git.7048.hfe62521e.

Target Vuln. ID Package Name Installed v. Fixed v.
debian CVE-2025-4598 libsystemd0 252.36-1~deb12u1 252.38-1~deb12u1
debian CVE-2025-4598 libudev1 252.36-1~deb12u1 252.38-1~deb12u1

After

Target Vuln. ID Package Name Installed v. Fixed v.

@jupyterhub-bot jupyterhub-bot added the image:rebuild-to-patch-vuln Image rebuild to patch a known external vulnerability label Jun 1, 2025
@manics manics merged commit 2e6c14d into main Jun 1, 2025
16 checks passed
@manics manics deleted the vuln-scan-hub branch June 1, 2025 21:33
consideRatio pushed a commit to jupyterhub/helm-chart that referenced this pull request Jun 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
image:rebuild-to-patch-vuln Image rebuild to patch a known external vulnerability
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants