Moderate: Red Hat Security Advisory: Red Hat Quay v3.3.3 bug fix and security update

Red Hat Quay v3.3.3 is now available with bug fixes and security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Klar - Integration Of Clair And Docker Registry

Integration of Clair and Docker Registry supports both Clair API v1 and v3 Klar is a simple tool to analyze images stored in a private or public Docker registry for security vulnerabilities using Clair https://github.com/coreos/clair. Klar is designed to be used as an integration tool so it relie...

Moderate: Red Hat Security Advisory: Red Hat Quay 3.0.2 security and bug fix update

An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Analyzing Go Vendoring with BigQuery

GitHub published a snapshot of all the public open-source repositories to BigQuery and Francesc used it to draw some cool statistics about Go projects. I used the same dataset to analyze how the Go ecosystem does vendoring. Disclosure: there's some ego stroking here, as I'm the author of gvt. Try...

Vulnerability Static Analysis for Containers: clair

Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten ...