observability team mailing list archive
-
observability team
-
Mailing list archive
-
Message #00019
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
Well, I'd need to inspect every one of those images before making such a
statement, *but, *I'd risk saying that these images, although snap-/source-
based, might also have additional debs, on top of the base `ubuntu` image,
that deserve monitoring. @Luca Bello <luca.bello@xxxxxxxxxxxxx> can you
please confirm that? I.e. if any of your snap-/source-based ROCKs also has
additional debs installed, then it's probably worth monitoring them
nonetheless.
On Thu, Aug 17, 2023 at 2:58 PM Emilia Torino <emilia.torino@xxxxxxxxxxxxx>
wrote:
> Hi!
>
> On Thu, Aug 17, 2023 at 9:53 AM Luca Bello <luca.bello@xxxxxxxxxxxxx>
> wrote:
>
>> Hi everyone,
>>
>> that's correct, SeaweedFS is postponed :)
>> On 17/08/2023 14:50, Cristovao Cordeiro wrote:
>>
>> Hi everyone,
>>
>> here's a ping just to revive this thread.
>>
>> @Emilia Torino <emilia.torino@xxxxxxxxxxxxx> you might have received
>> some GH notifications from me, which are related to @Luca Bello
>> <luca.bello@xxxxxxxxxxxxx> 's images which are now being prepared to be
>> published.
>>
>>
> Yes, I got them and I was also going to ping you all since from our last
> discussion I said:
>
> "I did a search over the provided sources and only found one case where we
> have the project as a deb in the archive, which is alertmanager:
> https://launchpad.net/ubuntu/+source/prometheus-alertmanager.
> So unless you can confirm there are other debs in the archive matching the
> remaining upstream projects, alertmanager is the only one we can add to our
> CVEs monitoring service. I can add it right now."
>
>
>> I'm updating the list from above with the Docker Hub repos that should be
>> monitored:
>>
>> * Alertmanager (https://github.com/prometheus/alertmanager) ->
>> https://hub.docker.com/r/ubuntu/alertmanager (new)
>> * Grafana Agent (https://github.com/grafana/agent) ->
>> https://hub.docker.com/r/ubuntu/grafana-agent (new)
>> * Grafana (https://github.com/grafana/grafana) ->
>> https://hub.docker.com/r/ubuntu/grafana
>> * Loki (https://github.com/grafana/loki) ->
>> https://hub.docker.com/r/ubuntu/loki
>> * Mimir (https://github.com/grafana/mimir) ->
>> https://hub.docker.com/r/ubuntu/mimir (new)
>> * SeaweedFS (https://github.com/seaweedfs/seaweedfs) [1]
>> * Traefik (https://github.com/traefik/traefik) ->
>> https://hub.docker.com/r/ubuntu/traefik (new)
>>
>> So unfortunately, all others can't be monitored with the existing
> solution.
>
>
>> [1] @Luca Bello <luca.bello@xxxxxxxxxxxxx> is this one postponed?
>>
>> On Mon, Jul 3, 2023 at 9:37 AM Luca Bello <luca.bello@xxxxxxxxxxxxx>
>> wrote:
>>
>>> Hi Emilia,
>>>
>>> that's great; thanks for following through!
>>>
>>>
>>> Cheers,
>>>
>>> Luca
>>> On 28/06/2023 22:18, Emilia Torino wrote:
>>>
>>> Hi Luca,
>>>
>>> On Tue, Jun 27, 2023 at 5:11 AM Luca Bello <luca.bello@xxxxxxxxxxxxx>
>>> wrote:
>>>
>>>> Hi Emilia,
>>>>
>>>> I did not look into it as our short-term priorities changed a little
>>>> bit; if you need anything else from my side please let me know!
>>>>
>>>
>>> I did a search over the provided sources and only found one case where
>>> we have the project as a deb in the archive, which is alertmanager:
>>> https://launchpad.net/ubuntu/+source/prometheus-alertmanager
>>>
>>> So unless you can confirm there are other debs in the archive matching
>>> the remaining upstream projects, alertmanager is the only one we can add to
>>> our CVEs monitoring service. I can add it right now.
>>>
>>> Let me know if you have any questions.
>>>
>>> Emilia
>>>
>>>>
>>>> Cheers,
>>>>
>>>> Luca
>>>> On 22/06/2023 17:37, Emilia Torino wrote:
>>>>
>>>> Hi all,
>>>>
>>>> Following up on this issue...
>>>>
>>>> On Fri, Jun 9, 2023 at 12:41 PM Emilia Torino <
>>>> emilia.torino@xxxxxxxxxxxxx> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> On 9/6/23 06:20, Cristovao Cordeiro wrote:
>>>>> > Sounds good to me. @Emilia Torino
>>>>> > <mailto:emilia.torino@xxxxxxxxxxxxx> do you need those repos to
>>>>> exist in
>>>>> > Docker Hub before you can onboard these?
>>>>>
>>>>> We don't. Since we don't scan the upstream based ROCKs (we only need
>>>>> this for the deb based ones).
>>>>>
>>>>> >
>>>>> > On Fri, Jun 9, 2023 at 10:42 AM Luca Bello <luca.bello@xxxxxxxxxxxxx
>>>>> > <mailto:luca.bello@xxxxxxxxxxxxx>> wrote:
>>>>> >
>>>>> > Hello everyone,
>>>>> >
>>>>> > as mentioned before, the ROCKs we have are all based on upstream
>>>>> > projects; the list is the following, as required:
>>>>> >
>>>>> > * Alertmanager (https://github.com/prometheus/alertmanager
>>>>> > <https://github.com/prometheus/alertmanager>)
>>>>> > * Grafana Agent (https://github.com/grafana/agent
>>>>> > <https://github.com/grafana/agent>)
>>>>> > * Grafana (https://github.com/grafana/grafana
>>>>> > <https://github.com/grafana/grafana>)
>>>>> > * Loki (https://github.com/grafana/loki
>>>>> > <https://github.com/grafana/loki>)
>>>>> > * Mimir (https://github.com/grafana/mimir
>>>>> > <https://github.com/grafana/mimir>)
>>>>> > * SeaweedFS (https://github.com/seaweedfs/seaweedfs
>>>>> > <https://github.com/seaweedfs/seaweedfs>)
>>>>> > * Traefik (https://github.com/traefik/traefik
>>>>> > <https://github.com/traefik/traefik>)
>>>>> >
>>>>> > Please let me know if any of these qualifies!
>>>>>
>>>>> I am not sure how urgent is this, but if you help me identify the
>>>>> Ubuntu
>>>>> source packages associated we can make this faster. Otherwise we can
>>>>> work on this next week.
>>>>>
>>>>
>>>> Did you have a chance to check this?
>>>>
>>>>
>>>>>
>>>>> >
>>>>> >
>>>>> > Cheers,
>>>>> >
>>>>> > Luca
>>>>> >
>>>>> > On 31/05/2023 18:29, Cristovao Cordeiro wrote:
>>>>> >>
>>>>> >> So the only change from our side will be to add
>>>>> >> prometheus to the email notification subject (or I guess we
>>>>> >> can just
>>>>> >> simple replace it with "CVEs potentially affecting upstream
>>>>> based
>>>>> >> ROCKs"). Are the email recipients the same ones for the
>>>>> other
>>>>> >> ones?
>>>>> >>
>>>>> >>
>>>>> >> I think that would be fine for now. I'm reluctant to use the
>>>>> >> mailing list as a catch-all, but I think we can re-design this
>>>>> >> once there is an event bus at Canonical, so we rely less on
>>>>> emails.
>>>>> >>
>>>>> >> As for the other 10 ROCKs, @Luca Bello
>>>>> >> <mailto:luca.bello@xxxxxxxxxxxxx> let's first do the right due
>>>>> >> diligence on those, cause if a ROCK is not meant to be under the
>>>>> >> "ubuntu" namespace, then this security monitoring doesn't need
>>>>> to
>>>>> >> apply.
>>>>> >>
>>>>> >> On Wed, May 31, 2023 at 3:58 PM Emilia Torino
>>>>> >> <emilia.torino@xxxxxxxxxxxxx <mailto:
>>>>> emilia.torino@xxxxxxxxxxxxx>>
>>>>> >> wrote:
>>>>> >>
>>>>> >>
>>>>> >> Hi all,
>>>>> >>
>>>>> >> On 31/5/23 04:03, Luca Bello wrote:
>>>>> >> > Hi everyone,
>>>>> >> >
>>>>> >> > as said in the thread already, the prometheus image is
>>>>> >> indeed a ROCK
>>>>> >> > based on the *prometheus/prometheus* repository.
>>>>> >>
>>>>> >> That's very convenient. But just to be clear again, we are
>>>>> not
>>>>> >> "inspecting" the upstream based rocks the same way we do for
>>>>> >> the deb
>>>>> >> based ones. We are only monitoring new CVEs created for
>>>>> >> prometheus,
>>>>> >> protobuf and consul. So the only change from our side will
>>>>> be
>>>>> >> to add
>>>>> >> prometheus to the email notification subject (or I guess we
>>>>> >> can just
>>>>> >> simple replace it with "CVEs potentially affecting upstream
>>>>> based
>>>>> >> ROCKs"). Are the email recipients the same ones for the
>>>>> other
>>>>> >> ones?
>>>>> >>
>>>>> >> >
>>>>> >> > We're in the process of updating all of our ROCKs in a
>>>>> >> similar way,
>>>>> >> > meaning we want to make sure we are complying with any
>>>>> >> guidelines you
>>>>> >> > might have on them.
>>>>> >> > We have about 10 ROCKs at the moment, mostly based on
>>>>> >> upstream projects
>>>>> >> > just like this one. Should I share the full list, so you
>>>>> can
>>>>> >> track them?
>>>>> >>
>>>>> >> I am happy to do an analysis of this list to see if we can
>>>>> add
>>>>> >> more. The
>>>>> >> short answer would be that if the software is packaged as a
>>>>> >> deb in main
>>>>> >> or universe (which is the situation for prometheus, protobuf
>>>>> >> and consul)
>>>>> >> then we can simply add them. This is because the service is
>>>>> >> based on the
>>>>> >> existing CVE triage work the security team does, which is
>>>>> >> mainly for
>>>>> >> debs (although now is being extended to other ecosystems
>>>>> >> because of SOSS
>>>>> >> but it is still limited and mainly supporting NVIDIA
>>>>> software).
>>>>> >>
>>>>> >> A simple improvement though could be to map the projects to
>>>>> >> the rocks so
>>>>> >> you dont get a general notification, but one per ROCK as the
>>>>> >> USNs/debs
>>>>> >> based service does. We can work on adding this for the next
>>>>> cycle.
>>>>> >>
>>>>> >> >
>>>>> >> >
>>>>> >> > Cheers,
>>>>> >> >
>>>>> >> > Luca
>>>>> >> >
>>>>> >> >
>>>>> >> > On 31/05/2023 08:12, Cristovao Cordeiro wrote:
>>>>> >> >> Thank you for the swift action, Emilia!
>>>>> >> >>
>>>>> >> >> > Does this
>>>>> >> >> > relate to a question being asked some hours ago in
>>>>> >> >> > ~Security
>>>>> >> >>
>>>>> >>
>>>>> https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <
>>>>> https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>?
>>>>> >> >>
>>>>> >> >> Yes, precisely. @Luca Bello
>>>>> >> <mailto:luca.bello@xxxxxxxxxxxxx
>>>>> >> <mailto:luca.bello@xxxxxxxxxxxxx>> is in
>>>>> >> >> the process of updating that image and we're re-doing our
>>>>> >> due diligence.
>>>>> >> >> Luca can confirm, but this seems to be a ROCK based
>>>>> >> precisely on that
>>>>> >> >> upstream Prometheus repository that you are already
>>>>> monitoring
>>>>> >> >>
>>>>> >> (
>>>>> https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19
>>>>> <
>>>>> https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19
>>>>> >).
>>>>> >> >>
>>>>> >> >> Can we then add this image to your list of tracked ROCKs?
>>>>> >> >>
>>>>> >> >>
>>>>> >> >> On Tue, May 30, 2023 at 9:45 PM Emilia Torino
>>>>> >> >> <emilia.torino@xxxxxxxxxxxxx
>>>>> >> <mailto:emilia.torino@xxxxxxxxxxxxx>> wrote:
>>>>> >> >>
>>>>> >> >> Hey all,
>>>>> >> >>
>>>>> >> >> On 30/5/23 13:14, Emilia Torino wrote:
>>>>> >> >> > Hi Cristovao,
>>>>> >> >> >
>>>>> >> >> > On 30/5/23 09:41, Cristovao Cordeiro wrote:
>>>>> >> >> >> Hi Emilia,
>>>>> >> >> >>
>>>>> >> >> >> could you please confirm the `prometheus`
>>>>> container
>>>>> >> image is being
>>>>> >> >> >> monitored?
>>>>> >> >> >
>>>>> >> >> > I don't see prometheus being monitored by our
>>>>> >> services (not as a
>>>>> >> >> rock
>>>>> >> >> > based on upstream source code nor as a rock based
>>>>> on
>>>>> >> debs). Does
>>>>> >> >> this
>>>>> >> >> > relate to a question being asked some hours ago in
>>>>> >> >> > ~Security
>>>>> >> >>
>>>>> >>
>>>>> https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <
>>>>> https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>?
>>>>> >> >> >
>>>>> >> >> >
>>>>> >> >> > These emails' subject only mentions cortex and
>>>>> >> telegraf, but
>>>>> >> >> >> I can see "
>>>>> https://github.com/prometheus/prometheus
>>>>> >> <https://github.com/prometheus/prometheus>
>>>>> >> >> >> <https://github.com/prometheus/prometheus
>>>>> >> <https://github.com/prometheus/prometheus>>" in the body
>>>>> of the
>>>>> >> >> email.
>>>>> >> >> >
>>>>> >> >> > Apologize for the confusion, this sounds like a bug
>>>>> >> in the email
>>>>> >> >> content
>>>>> >> >> > generator code. I will take a look at it later.
>>>>> >> >>
>>>>> >> >> I investigated this bug and it should be solved
>>>>> >> already. There was an
>>>>> >> >> issue in the past, but we fixed it already. I thought
>>>>> >> it could be
>>>>> >> >> related but I see this notification you are asking is
>>>>> >> from March.
>>>>> >> >> If you
>>>>> >> >> check the last notification sent on Thu, May 4,
>>>>> 2:03 AM
>>>>> >> is correctly
>>>>> >> >> reporting about a single package (cortex only).
>>>>> >> >>
>>>>> >> >> Let me know if you have any further question.
>>>>> >> >>
>>>>> >> >> In this case, only a new
>>>>> >> >> > CVE affecting consul has been created in our
>>>>> tracker
>>>>> >> >> >
>>>>> >> >>
>>>>> >>
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> <
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> >.
>>>>> >> >> >
>>>>> >> >> > Still, this does not mean cortex and telegraf are
>>>>> >> affected,
>>>>> >> >> since this
>>>>> >> >> > needs triage (i.e. understand if the code/version
>>>>> >> present in the
>>>>> >> >> rocks
>>>>> >> >> > are indeed vulnerable).
>>>>> >> >> >
>>>>> >> >> > FYI the reason why
>>>>> >> https://github.com/prometheus/prometheus
>>>>> >> <https://github.com/prometheus/prometheus> (and
>>>>> >> >> also
>>>>> >> >> > https://github.com/gogo/protobuf
>>>>> >> <https://github.com/gogo/protobuf>) are listed in this
>>>>> email, is
>>>>> >> >> because
>>>>> >> >> > these 3 are the *only* upstream projects we are
>>>>> >> monitoring
>>>>> >> >> (because of
>>>>> >> >> > the bug the 3 are incorrectly listed in the email,
>>>>> >> only consul
>>>>> >> >> should
>>>>> >> >> > be). In other words, we are not scanning every
>>>>> >> upstream source
>>>>> >> >> project
>>>>> >> >> > which is used to build cortex and telegraf.
>>>>> >> >> >
>>>>> >> >> > There are reasons why this service is very limited,
>>>>> >> and I hope this
>>>>> >> >> > is/was clear. Let me know if you need more
>>>>> information.
>>>>> >> >> >
>>>>> >> >> > Emilia
>>>>> >> >> >
>>>>> >> >> >
>>>>> >> >> >>
>>>>> >> >> >> ---------- Forwarded message ---------
>>>>> >> >> >> From: <security-team-toolbox-bot@xxxxxxxxxxxxx
>>>>> >> <mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>
>>>>> >> >> >> <mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
>>>>> >> <mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>>>
>>>>> >> >> >> Date: Sat, Mar 11, 2023 at 6:03 AM
>>>>> >> >> >> Subject: [Ubuntu-docker-images] CVEs potentially
>>>>> >> affecting
>>>>> >> >> cortex and
>>>>> >> >> >> telegraf
>>>>> >> >> >> To: <ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
>>>>> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
>>>>> >> >> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
>>>>> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>>,
>>>>> >> >> >> <sergio.durigan@xxxxxxxxxxxxx
>>>>> >> <mailto:sergio.durigan@xxxxxxxxxxxxx>
>>>>> >> >> <mailto:sergio.durigan@xxxxxxxxxxxxx
>>>>> >> <mailto:sergio.durigan@xxxxxxxxxxxxx>>>,
>>>>> >> >> >> <emilia.torino@xxxxxxxxxxxxx
>>>>> >> <mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>> >> >> <mailto:emilia.torino@xxxxxxxxxxxxx
>>>>> >> <mailto:emilia.torino@xxxxxxxxxxxxx>>>,
>>>>> >> >> >> <alex.murray@xxxxxxxxxxxxx
>>>>> >> <mailto:alex.murray@xxxxxxxxxxxxx>
>>>>> >> <mailto:alex.murray@xxxxxxxxxxxxx
>>>>> >> <mailto:alex.murray@xxxxxxxxxxxxx>>>,
>>>>> >> >> >> <simon.aronsson@xxxxxxxxxxxxx
>>>>> >> <mailto:simon.aronsson@xxxxxxxxxxxxx>
>>>>> >> >> <mailto:simon.aronsson@xxxxxxxxxxxxx
>>>>> >> <mailto:simon.aronsson@xxxxxxxxxxxxx>>>,
>>>>> >> >> >> <dylan.stephano-shachter@xxxxxxxxxxxxx
>>>>> >> <mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>
>>>>> >> >> >> <mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
>>>>> >> <mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>>>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> New CVEs affecting packages used to build upstream
>>>>> >> based rocks
>>>>> >> >> have been
>>>>> >> >> >> created in the Ubuntu CVE tracker:
>>>>> >> >> >>
>>>>> >> >> >> * https://github.com/gogo/protobuf
>>>>> >> <https://github.com/gogo/protobuf>
>>>>> >> >> <https://github.com/gogo/protobuf
>>>>> >> <https://github.com/gogo/protobuf>>:
>>>>> >> >> >> * https://github.com/hashicorp/consul
>>>>> >> <https://github.com/hashicorp/consul>
>>>>> >> >> >> <https://github.com/hashicorp/consul
>>>>> >> <https://github.com/hashicorp/consul>>: CVE-2023-0845
>>>>> >> >> >> * https://github.com/prometheus/prometheus
>>>>> >> <https://github.com/prometheus/prometheus>
>>>>> >> >> >> <https://github.com/prometheus/prometheus
>>>>> >> <https://github.com/prometheus/prometheus>>:
>>>>> >> >> >>
>>>>> >> >> >> Please review your rock to understand if it is
>>>>> >> affected by
>>>>> >> >> these CVEs.
>>>>> >> >> >>
>>>>> >> >> >> Thank you for your rock and for attending to this
>>>>> >> matter.
>>>>> >> >> >>
>>>>> >> >> >> References:
>>>>> >> >> >>
>>>>> >> >>
>>>>> >>
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> <
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> >
>>>>> >> >> >>
>>>>> >> >>
>>>>> >> <
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> <
>>>>> https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845
>>>>> >>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> --
>>>>> >> >> >> Mailing list:
>>>>> >> https://launchpad.net/~ubuntu-docker-images
>>>>> >> <https://launchpad.net/~ubuntu-docker-images>
>>>>> >> >> >> <https://launchpad.net/~ubuntu-docker-images
>>>>> >> <https://launchpad.net/~ubuntu-docker-images>>
>>>>> >> >> >> Post to :
>>>>> >> ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
>>>>> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
>>>>> >> >> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
>>>>> >> <mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>
>>>>> >> >> >> Unsubscribe :
>>>>> >> https://launchpad.net/~ubuntu-docker-images
>>>>> >> <https://launchpad.net/~ubuntu-docker-images>
>>>>> >> >> >> <https://launchpad.net/~ubuntu-docker-images
>>>>> >> <https://launchpad.net/~ubuntu-docker-images>>
>>>>> >> >> >> More help : https://help.launchpad.net/ListHelp
>>>>> >> <https://help.launchpad.net/ListHelp>
>>>>> >> >> >> <https://help.launchpad.net/ListHelp
>>>>> >> <https://help.launchpad.net/ListHelp>>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> --
>>>>> >> >> >> Cris
>>>>> >> >>
>>>>> >> >>
>>>>> >> >>
>>>>> >> >> --
>>>>> >> >> Cris
>>>>> >>
>>>>> >>
>>>>> >>
>>>>> >> --
>>>>> >> Cris
>>>>> > ____
>>>>> >
>>>>> >
>>>>> >
>>>>> > --
>>>>> > Cris
>>>>>
>>>>
>>
>> --
>> Cris
>>
>>
--
Cris
Follow ups
References
-
Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Cristovao Cordeiro, 2023-05-30
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-05-30
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-05-30
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Cristovao Cordeiro, 2023-05-31
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Luca Bello, 2023-05-31
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-05-31
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Cristovao Cordeiro, 2023-05-31
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Luca Bello, 2023-06-09
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Cristovao Cordeiro, 2023-06-09
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-06-09
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-06-22
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Luca Bello, 2023-06-27
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-06-28
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Luca Bello, 2023-07-03
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Cristovao Cordeiro, 2023-08-17
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Luca Bello, 2023-08-17
-
Re: Fwd: [Ubuntu-docker-images] CVEs potentially affecting cortex and telegraf
From: Emilia Torino, 2023-08-17
