Spring Tips: Testcontainers, Docker Compose, and Service Connections, oh my

Hi, Spring fans! In this installment, we look at the amazing service connection mechanism in Spring Boot. Service connections are what allow Spring Boot to connect to Testcontainers or Docker Compose containers for supporting infrastructure like SQL databases, middleare, and more. java...

CBL Mariner 2.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)

The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...

CBL Mariner 2.0 Security Update: docker-buildx / docker-compose / moby-compose / moby-engine (CVE-2024-23650)

The version of docker-buildx / docker-compose / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23650 advisory. - BuildKit is a toolkit for converting source code to bui...

CBL Mariner 2.0 Security Update: docker-compose / moby-engine / docker-buildx / moby-cli (CVE-2024-23653)

The version of docker-compose / moby-engine / docker-buildx / moby-cli installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23653 advisory. - BuildKit is a toolkit for converting source code to build...

CBL Mariner 2.0 Security Update: cert-manager / helm / moby-cli / moby-compose / moby-engine (CVE-2023-2253)

The version of cert-manager / helm / moby-cli / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2253 advisory. - A flaw was found in the /v2/catalog endpoint in...

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns (CVE-2023-45288)

The version of application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45288 advisory. - An attacker May cause an HTTP/...

OPENSUSE-SU-2024:12809-1 docker-compose-2.17.0-1.1 on GA media

These are all security issues fixed in the docker-compose-2.17.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12421-1 docker-compose-2.12.0-1.1 on GA media

These are all security issues fixed in the docker-compose-2.12.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12876-1 docker-compose-2.17.3-1.1 on GA media

These are all security issues fixed in the docker-compose-2.17.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12600-1 docker-compose-2.15.1-1.1 on GA media

These are all security issues fixed in the docker-compose-2.15.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12430-1 docker-compose-2.12.2-1.1 on GA media

These are all security issues fixed in the docker-compose-2.12.2-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2023-2253 affecting package moby-compose for versions less than 2.17.3-5

CVE-2023-2253 affecting package moby-compose for versions less than 2.17.3-5. A patched version of the package is available...

CVE-2023-48795 affecting package moby-compose for versions less than 2.17.3-5

CVE-2023-48795 affecting package moby-compose for versions less than 2.17.3-5. A patched version of the package is available...

CVE-2024-23650 affecting package moby-compose for versions less than 2.17.3-5

CVE-2024-23650 affecting package moby-compose for versions less than 2.17.3-5. A patched version of the package is available...

CVE-2023-45288 affecting package moby-compose for versions less than 2.17.3-3

CVE-2023-45288 affecting package moby-compose for versions less than 2.17.3-3. A patched version of the package is available...

OESA-2024-1690 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

OESA-2024-1625 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not...

CVE-2021-47307 cifs: prevent NULL deref in cifs_compose_mount_options()

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifscomposemountoptions The optional @ref parameter might contain an NULL nodename, so prevent dereferencing it in cifscomposemountoptions. Addresses-Coverity: 1476408 "Explicit null dereferenced"...

CVE-2024-23653 affecting package docker-compose for versions less than 2.27.0-1

CVE-2024-23653 affecting package docker-compose for versions less than 2.27.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-47108 affecting package docker-compose for versions less than 2.27.0-1

CVE-2023-47108 affecting package docker-compose for versions less than 2.27.0-1. An upgraded version of the package is available that resolves this issue...