Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(master): release 2.7.0 #47

Merged

Conversation

lotyp
Copy link
Member

@lotyp lotyp commented Sep 11, 2024

🤖 I have created a release beep boop

2.7.0 (2024-09-11)

Features

  • local dev structure changes (834a194)

This PR was generated with Release Please. See documentation.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:1584561b5670674baaf44cabffa869c60d82fabe1aa8f50f4b7967e58ba675d9
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size106 MB
packages229
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.29-alpine
  • 8.1.29-alpine3.20
  • 8.1.29-cli-alpine
  • 8.1.29-cli-alpine3.20
digestsha256:4001f8453a837283a053931e0d085366d36f77fd5a2a18c31950c4121cd4a5ec
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.29-alpine3.20
Digestsha256:4001f8453a837283a053931e0d085366d36f77fd5a2a18c31950c4121cd4a5ec
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size35 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.29
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.29-alpine, 8.1.29-alpine3.20, 8.1.29-cli-alpine, 8.1.29-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 37 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.11
4 days ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.23-cli-alpine
  • 8.2.23-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.23-alpine
  • 8.2.23-alpine3.20
  • 8.2-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 36 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.23
4 days ago



Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:faa662b48a47062c0de60482e1a7120b3a4c655dae43e85f3fd1de7060612977
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size102 MB
packages230
📦 Base Image php:8.1-fpm-alpine
also known as
  • 8.1-fpm-alpine3.20
  • 8.1.29-fpm-alpine
  • 8.1.29-fpm-alpine3.20
digestsha256:c2a4daca3f96f06a5b3fa60bf58d933e147e43b607b87dffdd31f0e430843848
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-fpm-alpine

Name8.1.29-fpm-alpine3.20
Digestsha256:c2a4daca3f96f06a5b3fa60bf58d933e147e43b607b87dffdd31f0e430843848
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size31 MB
Packages51
Flavoralpine
OS3.20
Runtime8.1.29
The base image is also available under the supported tag(s): 8.1-fpm-alpine3.20, 8.1.29-fpm-alpine, 8.1.29-fpm-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.2-fpm-alpine
Minor runtime version update
Also known as:
  • 8.2.23-fpm-alpine
  • 8.2.23-fpm-alpine3.20
  • 8.2-fpm-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-fpm-alpine was pulled 4.1K times last month
Image details:
  • Size: 32 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.23
4 days ago



8.3-fpm-alpine
Image has same number of vulnerabilities
Also known as:
  • 8.3.11-fpm-alpine
  • 8.3.11-fpm-alpine3.20
  • 8.3-fpm-alpine3.20
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
Benefits:
  • Same OS detected
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 32 MB
  • Flavor: alpine
  • OS: 3.20
4 days ago



Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:6505f8fac98a71cabf9ef002324c7b9accfea21ecd23159fb0acd49d186da9bd
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size139 MB
packages247
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.29-alpine
  • 8.1.29-alpine3.20
  • 8.1.29-cli-alpine
  • 8.1.29-cli-alpine3.20
digestsha256:4001f8453a837283a053931e0d085366d36f77fd5a2a18c31950c4121cd4a5ec
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.29-alpine3.20
Digestsha256:4001f8453a837283a053931e0d085366d36f77fd5a2a18c31950c4121cd4a5ec
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size35 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.29
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.29-alpine, 8.1.29-alpine3.20, 8.1.29-cli-alpine, 8.1.29-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 37 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.11
4 days ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.23-cli-alpine
  • 8.2.23-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.23-alpine
  • 8.2.23-alpine3.20
  • 8.2-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 36 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.23
4 days ago



Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:3788c2afe62cd56f4baf63b46e5a16c61c32026944ab0e8f470038659533e97f
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size107 MB
packages229
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.23-alpine
  • 8.2.23-alpine3.20
  • 8.2.23-cli-alpine
  • 8.2.23-cli-alpine3.20
digestsha256:664c504580bbf49e465ef58c3a501ea48c21fbfbef991f34bee822a670fbad49
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.23-alpine3.20
Digestsha256:664c504580bbf49e465ef58c3a501ea48c21fbfbef991f34bee822a670fbad49
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size36 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.23
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.23-alpine, 8.2.23-alpine3.20, 8.2.23-cli-alpine, 8.2.23-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 37 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.11
4 days ago



@lotyp lotyp enabled auto-merge September 11, 2024 16:50
Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:7c5e7c858951ca449a4e21153fe8be61067bf4965bc58d0bbf7963105b1d49b3
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size102 MB
packages230
📦 Base Image php:8.2-fpm-alpine
also known as
  • 8.2-fpm-alpine3.20
  • 8.2.23-fpm-alpine
  • 8.2.23-fpm-alpine3.20
digestsha256:2541389406d2ec619088fde1c8a3a1c9f3a263ee3ff3a2724e17cd78b168c89d
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-fpm-alpine

Name8.2.23-fpm-alpine3.20
Digestsha256:2541389406d2ec619088fde1c8a3a1c9f3a263ee3ff3a2724e17cd78b168c89d
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size32 MB
Packages51
Flavoralpine
OS3.20
Runtime8.2.23
The base image is also available under the supported tag(s): 8.2-fpm-alpine3.20, 8.2.23-fpm-alpine, 8.2.23-fpm-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-fpm-alpine
Image has same number of vulnerabilities
Also known as:
  • 8.3.11-fpm-alpine
  • 8.3.11-fpm-alpine3.20
  • 8.3-fpm-alpine3.20
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
Benefits:
  • Same OS detected
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 32 MB
  • Flavor: alpine
  • OS: 3.20
4 days ago



Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:9679ce430a212a5473e66050822730bf26a5e8343635879a405902a4fa57b17d
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size103 MB
packages230
📦 Base Image php:8-fpm-alpine
also known as
  • 8-fpm-alpine3.20
  • 8.3-fpm-alpine
  • 8.3-fpm-alpine3.20
  • 8.3.11-fpm-alpine
  • 8.3.11-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
digestsha256:6cf4a9ecc6a3626c62b37f83190750e6ea76a65c924ec6900d1c5b6d0e2456fc
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-fpm-alpine

Namefpm-alpine3.20
Digestsha256:6cf4a9ecc6a3626c62b37f83190750e6ea76a65c924ec6900d1c5b6d0e2456fc
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size32 MB
Packages51
Flavoralpine
OS3.20
The base image is also available under the supported tag(s): 8-fpm-alpine3.20, 8.3-fpm-alpine, 8.3-fpm-alpine3.20, 8.3.11-fpm-alpine, 8.3.11-fpm-alpine3.20, fpm-alpine, fpm-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.2-fpm-alpine
Minor runtime version update
Also known as:
  • 8.2.23-fpm-alpine
  • 8.2.23-fpm-alpine3.20
  • 8.2-fpm-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image is smaller by 578 KB
  • Tag was pushed more recently
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-fpm-alpine was pulled 4.1K times last month
Image details:
  • Size: 32 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.23
4 days ago



8.1-fpm-alpine
Minor runtime version update
Also known as:
  • 8.1.29-fpm-alpine
  • 8.1.29-fpm-alpine3.20
  • 8.1-fpm-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image is smaller by 1.1 MB
  • Tag was pushed more recently
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.1-fpm-alpine is the fourth most popular tag with 18K pulls per month
Image details:
  • Size: 31 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.1.29
4 days ago



Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:c9164c9045913e3134f70abd1c489de9a90239c3c0275ae0d8c9ddcd21d23692
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size108 MB
packages229
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:fbd89ae244b08e08eece68310e23f0eb7865496203892ce649781d5d716e544f
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.11-alpine3.20
Digestsha256:fbd89ae244b08e08eece68310e23f0eb7865496203892ce649781d5d716e544f
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size37 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.11
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.11-alpine, 8.3.11-alpine3.20, 8.3.11-cli-alpine, 8.3.11-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:0ce4d8e5a31e08f7f1d8a061e4110898c54289f3482cc2435b2f951eb81d3962
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size140 MB
packages247
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.23-alpine
  • 8.2.23-alpine3.20
  • 8.2.23-cli-alpine
  • 8.2.23-cli-alpine3.20
digestsha256:664c504580bbf49e465ef58c3a501ea48c21fbfbef991f34bee822a670fbad49
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented Sep 11, 2024

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.23-alpine3.20
Digestsha256:664c504580bbf49e465ef58c3a501ea48c21fbfbef991f34bee822a670fbad49
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size36 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.23
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.23-alpine, 8.2.23-alpine3.20, 8.2.23-cli-alpine, 8.2.23-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 37 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.11
4 days ago



Copy link

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:12acd6f67c0810496ec6b46fe5aba49464da7bb582ae405b35e3afe2604f5dbf
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size140 MB
packages247
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.11-alpine
  • 8.3.11-alpine3.20
  • 8.3.11-cli-alpine
  • 8.3.11-cli-alpine3.20
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:fbd89ae244b08e08eece68310e23f0eb7865496203892ce649781d5d716e544f
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/[email protected]

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile16th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile56th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.11-alpine3.20
Digestsha256:fbd89ae244b08e08eece68310e23f0eb7865496203892ce649781d5d716e544f
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed4 days ago
Size37 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.11
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.11-alpine, 8.3.11-alpine3.20, 8.3.11-cli-alpine, 8.3.11-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@way-finder-bot way-finder-bot self-requested a review September 11, 2024 16:51
@way-finder-bot way-finder-bot self-assigned this Sep 11, 2024
@lotyp lotyp merged commit a25c0c7 into master Sep 11, 2024
17 checks passed
@lotyp lotyp deleted the release-please--branches--master--components--docker-php-dev branch September 11, 2024 16:51
@lotyp
Copy link
Member Author

lotyp commented Sep 11, 2024

🤖 Created releases:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants