Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade python from 3.11.7 to 3.11.9 #311

Merged
merged 1 commit into from
Jul 29, 2024
Merged

[Snyk] Security upgrade python from 3.11.7 to 3.11.9 #311

merged 1 commit into from
Jul 29, 2024

Conversation

perdelt
Copy link
Collaborator

@perdelt perdelt commented Jul 24, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • images/benchmarker_dbmsbenchmarker/Dockerfile_template

We recommend upgrading to python:3.11.9, as this image has only 195 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Out-of-bounds Write
SNYK-DEBIAN12-IMAGEMAGICK-1548733		   614  
high severity Out-of-bounds Write
SNYK-DEBIAN12-LIBDE265-6105348		   614  
high severity Race Condition
SNYK-DEBIAN12-OPENSSH-7413682		   614  
high severity Improper Input Validation
SNYK-DEBIAN12-PYTHON311-3325304		   614  
high severity Untrusted Search Path
SNYK-DEBIAN12-PYTHON311-5853785		   614  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Input Validation

@perdelt perdelt closed this Jul 29, 2024
@perdelt perdelt reopened this Jul 29, 2024
@perdelt perdelt changed the base branch from master to dev July 29, 2024 05:41
@perdelt perdelt merged commit ed39119 into dev Jul 29, 2024
2 checks passed
@perdelt perdelt deleted the snyk-fix-4e97d3e28170f601c88352f422ff7de1 branch July 29, 2024 05:41
perdelt added a commit that referenced this pull request Oct 9, 2024
@perdelt
v0.7.2 - Unified, cleaned interface (#329)
3007854 
* fix: requirements.txt to reduce vulnerabilities (#307)

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bexhoma: Unify output

* Bexhoma: Correct storage labels

* DBMSBenchmarker: v0.14.2

* Bexhoma: Unify output

* Bexhoma: Unify storage name

* Clustermanager: natural_sort()

* Benchbase: Prepare unified evaluation

* PostgreSQL: Shut down smart and graceful within 180s - otherwise OLTP workloads may crush database

* Benchbase: Prepare unified evaluation, natural sorting

* fix: requirements.txt to reduce vulnerabilities (#308)

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* PostgreSQL: Try to support recovery from YAML

* fix: images/benchmarker_dbmsbenchmarker/Dockerfile_template to reduce vulnerabilities (#311)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-1548733
- https://snyk.io/vuln/SNYK-DEBIAN12-LIBDE265-6105348
- https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSH-7413682
- https://snyk.io/vuln/SNYK-DEBIAN12-PYTHON311-3325304
- https://snyk.io/vuln/SNYK-DEBIAN12-PYTHON311-5853785

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: images/evaluator_dbmsbenchmarker/Dockerfile_template to reduce vulnerabilities (#312)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-GDKPIXBUF-6207393
- https://snyk.io/vuln/SNYK-DEBIAN12-GDKPIXBUF-6207393
- https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-1548733
- https://snyk.io/vuln/SNYK-DEBIAN12-PYTHON311-3325304
- https://snyk.io/vuln/SNYK-DEBIAN12-PYTHON311-5853785

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* DBMSBenchmarker: v0.14.3

* Docs: Include test cases

* DBMS: PostgreSQL with PGBouncer test

* Test Cases: Cleaned and unified

* Docs: More about HammerDB

* Docs: More about Benchbase

* Docs: Updated

* Docs: Updated testcases

* YCSB: Unify parameters

* YCSB: Unify parameters - new approach

* Benchbase: Unify parameters - new approach

* Bexhoma: Message queue output in status

* Bexhoma: test_results_column()

* TPC-H: Unify parameters

* HammerDB: Unify parameters

* Unify parameters: first test run

* Unify parameters: second test run with log files

* prepare_testbed: sketch for TPC-H

* TPC-H: Cleaned by hiding details

* Unify generator und loader pods

* Unify parameters: third test run for docs

* Benchbase: Integrate redis queue

* Unify parameters: third test run for docs

* YCSB: Integrate redis queue corrected

* Unify parameters: third test run for docs

* YCSB: Cleaned by hiding details

* Benchbase: Cleaned by hiding details

* HammerDB: Cleaned by hiding details

* Example: Cleaned by hiding details

* JOSS github action v4

* fix: images/evaluator_dbmsbenchmarker/Dockerfile_template to reduce vulnerabilities (#318)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-AOM-7197979
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: images/benchmarker_dbmsbenchmarker/Dockerfile_template to reduce vulnerabilities (#319)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315
- https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-7411315

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Unify parameters: logs for tests and docs

* Experiment: Cleaned by hiding details

* Test: Adjusted times, removed docs

* Test: Demo results

* TPC-H: Cleaned by hiding details

* Experiment: Cleaned by hiding details

* Test: Demo results

* Unify parameters: Treat int as lists of 1 element

* Test: Demo results

* prepare_testbed: sketch for TPC-H

* TPC-H: Cleaned by hiding details

* Unify generator und loader pods

* Unify parameters: third test run for docs

* Benchbase: Integrate redis queue

* Unify parameters: third test run for docs

* YCSB: Integrate redis queue corrected

* Unify parameters: third test run for docs

* YCSB: Cleaned by hiding details

* Benchbase: Cleaned by hiding details

* HammerDB: Cleaned by hiding details

* Example: Cleaned by hiding details

* Unify parameters: logs for tests and docs

* Experiment: Cleaned by hiding details

* Test: Adjusted times, removed docs

* Test: Demo results

* TPC-H: Cleaned by hiding details

* Experiment: Cleaned by hiding details

* Test: Demo results

* Unify parameters: Treat int as lists of 1 element

* Test: Demo results

* Docs: Demo results

* TPC-H: Different Docker image for generator

* Docs: Demo results

* Benchbase: Docs with current commands and results

* YCSB: Docs with current commands and results

* HammerDB: Docs with current commands and results

* TPC-H: Docs with current commands and results

* Docs: Demo results on fixed nodes

* TPC-H: Docs with current commands and results

* Benchbase: Docs with current commands and results

* Bexhoma: Show correct DBMS name in summary

* Bexhoma: Show correct list parameters in summary

* PyPi: use newer version of action script

* TPC-H: Notes in result for SF=100

* Bexhoma: store_workflow_results()

* Bexhoma: update_workload()

* Bexhoma: type in workload

* Bexhoma: get_dashboard_pod()

* Bexhoma: reconstruct_workflow() for dbmsbenchmarker

* Bexhoma: Summary shows workflow (planned and actual)

* Bexhoma: Summary shows duration

* Docs: Demo results on fixed nodes

* Bexhoma: Show type and duration as first in summary

* Bexhoma: store_workflow_results()

* Bexhoma: update_workload()

* Bexhoma: type in workload

* Bexhoma: get_dashboard_pod()

* Bexhoma: reconstruct_workflow() for dbmsbenchmarker

* Bexhoma: Summary shows workflow (planned and actual)

* Bexhoma: Summary shows duration

* Bexhoma: Show type and duration as first in summary

* Docs: Updated demo results

* Bexhoma: test_workflow()

* Docs: Updated demo results

* Bexhoma: Show and compare workflow in summary

* Bexhoma: TEST also for monitoring

* Bexhoma: test_workflow()

* TPC-H: MonetDB new summary format

* Bexhoma: Show and compare workflow in summary also for tpch

* Bexhoma: Summary option for status tool

* Bexhoma: Summary shows experiment code

* Docs: Updated demo pages

* Docs: Updated

* Tests: Adjusted time span per test run based on experiences

* Docs: Current test results

* Bexhoma: Summary option for status tool fixed

* Docs: Current test results, tpch workflow corrected

* Bexhoma: Start collecting known error messages (like missing DNS entry)

* Docs: Current test results

* Bexhoma: workflow_errors for all non dbmsbenchmarker jobs

* Bexhoma: workflow_errors in experiment

* Evaluator: Base class looks for errors in workflow (so it applies to dbmsbenchmarker)

* Evaluator: self.evaluator

* Evaluator: show workflow errors (if any)

* Docs: Doc texts contain exact call for generating doc results

* Bexhoma: Remove all unused imports

* Bexhoma: Added documentation to classes

* Docs: Current test results and final tests

* Evaluator: only show queries with failures in errors and warnings

* Docs: Final test results
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@perdelt @snyk-bot