From b3400c2aca6fcef44ec6565fcd3744b83cb905288b9593bf22b043b0a9980c1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Thu, 11 Jul 2024 17:36:46 +0200 Subject: [PATCH 1/2] Update to 0.53.0 --- _service | 2 +- _servicedata | 2 +- trivy-0.52.2.tar.zst | 3 -- trivy-0.53.0.tar.zst | 3 ++ trivy.changes | 82 ++++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 +-- 7 files changed, 90 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.52.2.tar.zst create mode 100644 trivy-0.53.0.tar.zst diff --git a/_service b/_service index a7556a8..c833963 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.52.2 + v0.53.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 4346b9d..773b2d7 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 8709d4f9c8ae29df1ff2e0d45b414cc075d3ea0b \ No newline at end of file + c55b0e6cac49c5d30abe6c0d4ccbb56932a0a45d \ No newline at end of file diff --git a/trivy-0.52.2.tar.zst b/trivy-0.52.2.tar.zst deleted file mode 100644 index 4321d85..0000000 --- a/trivy-0.52.2.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ff5a9e30ebb5fabc0d8bd5f11f9d4874cbbcf728ba163d7f4125cffc10e7f1d6 -size 51992543 diff --git a/trivy-0.53.0.tar.zst b/trivy-0.53.0.tar.zst new file mode 100644 index 0000000..3f5a61b --- /dev/null +++ b/trivy-0.53.0.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:463a950285cf6795b6f3f9b337bb6a32c5549f9a9389343e812e192b532300b3 +size 51991454 diff --git a/trivy.changes b/trivy.changes index 033a0a9..64c3ea8 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,85 @@ +------------------------------------------------------------------- +Thu Jul 11 15:31:03 UTC 2024 - dmueller@suse.com + +- Update to version 0.53.0: + * release: v0.53.0 [main] (#6855) + * feat(conda): add licenses support for `environment.yml` files (#6953) + * fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051) + * feat: add memory cache backend (#7048) + * fix(sbom): use package UIDs for uniqueness (#7042) + * feat(php): add installed.json file support (#4865) + * docs: ✨ Updated ecosystem docs with reference to new community app (#7041) + * fix: use embedded when command path not found (#7037) + * chore(deps): bump trivy-kubernetes version (#7012) + * refactor: use google/wire for cache (#7024) + * fix(cli): show info message only when --scanners is available (#7032) + * chore: enable float-compare rule from testifylint (#6967) + * docs: Add sudo on commands, chmod before mv on install docs (#7009) + * fix(plugin): respect `--insecure` (#7022) + * feat(k8s)!: node-collector dynamic commands support (#6861) + * fix(sbom): take pkg name from `purl` for maven pkgs (#7008) + * chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 (#7018) + * feat!: add clean subcommand (#6993) + * chore: use `!` for breaking changes (#6994) + * feat(aws)!: Remove aws subcommand (#6995) + * refactor: replace global cache directory with parameter passing (#6986) + * fix(sbom): use `purl` for `bitnami` pkg names (#6982) + * chore: bump Go toolchain version (#6984) + * refactor: unify cache implementations (#6977) + * docs: non-packaged and sbom clarifications (#6975) + * BREAKING(aws): Deprecate `trivy aws` as subcmd in favour of a plugin (#6819) + * docs: delete unknown URL (#6972) + * refactor: use version-specific URLs for documentation references (#6966) + * refactor: delete db mock (#6940) + * ci: add depguard (#6963) + * refactor: add warning if severity not from vendor (or NVD or GH) is used (#6726) + * feat: Add local ImageID to SARIF metadata (#6522) + * fix(suse): Add SLES 15.6 and Leap 15.6 (#6964) + * feat(java): add support for sbt projects using sbt-dependency-lock (#6882) + * feat(java): add support for `maven-metadata.xml` files for remote snapshot repositories. (#6950) + * fix(purl): add missed os types (#6955) + * fix(cyclonedx): trim non-URL info for `advisory.url` (#6952) + * fix(c): don't skip conan files from `file-patterns` and scan `.conan2` cache dir (#6949) + * ci: correctly handle categories (#6943) + * fix(image): parse `image.inspect.Created` field only for non-empty values (#6948) + * fix(misconf): handle source prefix to ignore (#6945) + * fix(misconf): fix parsing of engine links and frameworks (#6937) + * feat(misconf): support of selectors for all providers for Rego (#6905) + * ci: don't run `tests` for `release-please` PRs (#6936) + * fix(license): return license separation using separators `,`, `or`, etc. (#6916) + * ci: use `ubuntu-latest-m` runner (#6918) + * feat(misconf): add support for AWS::EC2::SecurityGroupIngress/Egress (#6755) + * BREAKING(misconf): flatten recursive types (#6862) + * ci: move triage workflow yaml under .github/workflows (#6895) + * ci: add `trivy` group for `dependabot` (#6908) + * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 (#6910) + * test: bump docker API to 1.45 (#6914) + * feat(sbom): migrate to `CycloneDX v1.6` (#6903) + * chore(deps): bump the aws group with 8 updates (#6898) + * ci: bump `github.com/goreleaser/goreleaser` to `v2.0.0` (#6887) + * feat(image): Set User-Agent header for Trivy container registry requests (#6868) + * fix(debian): take installed files from the origin layer (#6849) + * fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken (#6858) + * feat(misconf): API Gateway V1 support for CloudFormation (#6874) + * ci: add created release branch to `rulesets` to enable merge queue (#6880) + * feat(plugin): add support for nested archives (#6845) + * fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files (#6866) + * fix(secret): `Asymmetric Private Key` shouldn't start with space (#6867) + * ci: use author permission check instead of `author_association` field for backport workflow (#6870) + * chore: auto label discussions (#5259) + * docs: explain how VEX is applied (#6864) + * ci: automate backporting process (#6781) + * ci: create release branch (#6859) + * fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase (#6852) + * fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857) + * feat(dart): use first version of constraint for dependencies using SDK version (#6239) + * fix(misconf): parsing numbers without fraction as int (#6834) + * fix(misconf): fix caching of modules in subdirectories (#6814) + * feat(misconf): add metadata to Cloud schema (#6831) + * chore(deps): bump the aws group across 1 directory with 7 updates (#6837) + * chore(deps): bump the common group with 5 updates (#6842) + * test: replace embedded Git repository with dynamically created repository (#6824) + ------------------------------------------------------------------- Wed Jun 19 15:58:20 UTC 2024 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index e6493ad..0c3a80c 100644 --- a/trivy.spec +++ b/trivy.spec @@ -17,7 +17,7 @@ Name: trivy -Version: 0.52.2 +Version: 0.53.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index 5a85a5d..161bb58 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:24ef9542d19cec2325c75b8d9872e02f2475ad1704da5dae59eb2d16ad8ec50f -size 35584664 +oid sha256:7bb6d53edfa7128fb8c4aca1a6a31add4e5d0f4b86322165ce74ddf9cd7033a4 +size 33822300 From c8e863eb5715d0edd37bd58d5334b9d1254a107bf4ca121bc89f771490701235 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Thu, 11 Jul 2024 17:52:15 +0200 Subject: [PATCH 2/2] Changes file updates with bugzilla references --- trivy.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/trivy.changes b/trivy.changes index 64c3ea8..692ed93 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Thu Jul 11 15:31:03 UTC 2024 - dmueller@suse.com -- Update to version 0.53.0: +- Update to version 0.53.0 (bsc#1227022, CVE-2024-6257): * release: v0.53.0 [main] (#6855) * feat(conda): add licenses support for `environment.yml` files (#6953) * fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051)