8 matches found
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
OPENSUSE-SU-2024:0269-1 Security update for trivy
trivy was updated to fix the following issues: Update to version 0.54.1: fixflag: incorrect behavior for deprected flag --clear-cache backport: release/v0.54 7285 fixjava: Return error when trying to find a remote pom to avoid segfault backport: release/v0.54 7283 fixplugin: do not call GitHub...
Fedora: Security Advisory for golang-oras (FEDORA-2023-c9b2182a4e)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 37 Update: golang-oras-0.15.1-1.20221105git690716b.fc37
Work with OCI registries, but for secure supply chain - managing content like artifacts, images, SBOM...
[SECURITY] Fedora 36 Update: golang-oras-0.15.1-1.20221105git690716b.fc36
Work with OCI registries, but for secure supply chain - managing content like artifacts, images, SBOM...
[SECURITY] Fedora 38 Update: golang-oras-0.15.1-1.20221105git690716b.fc38
Work with OCI registries, but for secure supply chain - managing content like artifacts, images, SBOM...
Fedora: Security Advisory for golang-oras (FEDORA-2023-4e2068ba5d)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-oras (FEDORA-2023-6550d9323b)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...