Add release v2.8.9

rajch · Aug 9, 2024 · 463c7af · 463c7af
1 parent 981196a
commit 463c7af
Show file tree

Hide file tree

Showing 5 changed files with 71 additions and 79 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Release 2.8.9
+
+This release bumps the Go version to 1.22.2, the alpine base image to version 3.20.2, and upgrades a dependency as per CVE recommendations.
+
 ## Release 2.8.8
 
 The alpine base image used by `weave-kube` and `weave-npc` has been upgraded to version 3.20.0 in this release. This removes several CVEs.

diff --git a/reweave/CHANGELOG.md b/reweave/CHANGELOG.md
@@ -1,6 +1,13 @@
 # Changelog
 
-All changes made to the weave net codebase during the reweave effort will be documented in this file.
+All changes made to the weave net codebase since the fork will be documented in this file.
+
+## 2.8.9
+
+### Changed
+
+* Changed version in `reweave/Makefile` to 2.8.9
+* Modified reweave and main CHANGELOG.md
 
 ## 2.8.9-beta1
 

diff --git a/reweave/Makefile b/reweave/Makefile
@@ -1,4 +1,4 @@
-IMAGE_VERSION ?= 2.8.9-beta1
+IMAGE_VERSION ?= 2.8.9
 REGISTRY_USER ?= rajchaudhuri
 
 ALPINE_BASEIMAGE ?= alpine:3.20.2

diff --git a/reweave/scans/badge.json b/reweave/scans/badge.json
@@ -1 +1 @@
-{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "20", "color": "orange"}
+{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "14", "color": "orange"}
diff --git a/reweave/scans/report.md b/reweave/scans/report.md
@@ -2,8 +2,8 @@
 
 ```
 Report date: 2024-08-09
-Unique vulnerability count: 20
-Images version: 2.8.8
+Unique vulnerability count: 14
+Images version: 2.8.9
 ```
 
 ## Scanner Details
@@ -23,93 +23,74 @@ Supported DB Schema: 5
 
 ## Vulnerabilities
 
-### weave-kube: (20) 
+### weave-kube: (14) 
 
 ```
-NAME                      INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY 
-bind-libs                 9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-0760        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-0760        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-curl                      8.7.1-r0                        apk        CVE-2024-7264        Unknown   
-github.com/docker/docker  v24.0.9+incompatible  25.0.6    go-module  GHSA-v23v-6jw2-98fq  Critical  
-libcrypto3                3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-libssl3                   3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24790       Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24791       High      
-stdlib                    go1.21.9                        go-module  CVE-2024-24789       Medium    
-stdlib                    go1.21.9                        go-module  CVE-2024-24787       Medium
+NAME        INSTALLED   FIXED-IN  TYPE       VULNERABILITY   SEVERITY 
+bind-libs   9.18.27-r0            apk        CVE-2024-4076   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1975   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1737   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-0760   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-4076   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1975   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1737   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-0760   High      
+curl        8.9.0-r0              apk        CVE-2024-7264   Unknown   
+stdlib      go1.22.2              go-module  CVE-2024-24790  Critical  
+stdlib      go1.22.2              go-module  CVE-2024-24791  High      
+stdlib      go1.22.2              go-module  CVE-2024-24789  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24787  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24788  Unknown
 ```
 
-### weave-npc: (6) 
+### weave-npc: (5) 
 
 ```
-NAME        INSTALLED  FIXED-IN  TYPE       VULNERABILITY   SEVERITY 
-libcrypto3  3.3.1-r0   3.3.1-r1  apk        CVE-2024-5535   Critical  
-libssl3     3.3.1-r0   3.3.1-r1  apk        CVE-2024-5535   Critical  
-stdlib      go1.21.9             go-module  CVE-2024-24790  Critical  
-stdlib      go1.21.9             go-module  CVE-2024-24791  High      
-stdlib      go1.21.9             go-module  CVE-2024-24789  Medium    
-stdlib      go1.21.9             go-module  CVE-2024-24787  Medium
+NAME    INSTALLED  FIXED-IN  TYPE       VULNERABILITY   SEVERITY 
+stdlib  go1.22.2             go-module  CVE-2024-24790  Critical  
+stdlib  go1.22.2             go-module  CVE-2024-24791  High      
+stdlib  go1.22.2             go-module  CVE-2024-24789  Medium    
+stdlib  go1.22.2             go-module  CVE-2024-24787  Medium    
+stdlib  go1.22.2             go-module  CVE-2024-24788  Unknown
 ```
 
-### weave: (20) 
+### weave: (14) 
 
 ```
-NAME                      INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY 
-bind-libs                 9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-0760        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-0760        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-curl                      8.7.1-r0                        apk        CVE-2024-7264        Unknown   
-github.com/docker/docker  v24.0.9+incompatible  25.0.6    go-module  GHSA-v23v-6jw2-98fq  Critical  
-libcrypto3                3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-libssl3                   3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24790       Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24791       High      
-stdlib                    go1.21.9                        go-module  CVE-2024-24789       Medium    
-stdlib                    go1.21.9                        go-module  CVE-2024-24787       Medium
+NAME        INSTALLED   FIXED-IN  TYPE       VULNERABILITY   SEVERITY 
+bind-libs   9.18.27-r0            apk        CVE-2024-4076   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1975   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1737   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-0760   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-4076   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1975   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1737   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-0760   High      
+curl        8.9.0-r0              apk        CVE-2024-7264   Unknown   
+stdlib      go1.22.2              go-module  CVE-2024-24790  Critical  
+stdlib      go1.22.2              go-module  CVE-2024-24791  High      
+stdlib      go1.22.2              go-module  CVE-2024-24789  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24787  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24788  Unknown
 ```
 
-### weaveexec: (20) 
+### weaveexec: (14) 
 
 ```
-NAME                      INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY 
-bind-libs                 9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-libs                 9.18.27-r0                      apk        CVE-2024-0760        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-4076        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1975        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-1737        High      
-bind-tools                9.18.27-r0                      apk        CVE-2024-0760        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-curl                      8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-curl                      8.7.1-r0                        apk        CVE-2024-7264        Unknown   
-github.com/docker/docker  v24.0.9+incompatible  25.0.6    go-module  GHSA-v23v-6jw2-98fq  Critical  
-libcrypto3                3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6197        High      
-libcurl                   8.7.1-r0              8.9.0-r0  apk        CVE-2024-6874        Low       
-libssl3                   3.3.1-r0              3.3.1-r1  apk        CVE-2024-5535        Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24790       Critical  
-stdlib                    go1.21.9                        go-module  CVE-2024-24791       High      
-stdlib                    go1.21.9                        go-module  CVE-2024-24789       Medium    
-stdlib                    go1.21.9                        go-module  CVE-2024-24787       Medium
+NAME        INSTALLED   FIXED-IN  TYPE       VULNERABILITY   SEVERITY 
+bind-libs   9.18.27-r0            apk        CVE-2024-4076   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1975   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-1737   High      
+bind-libs   9.18.27-r0            apk        CVE-2024-0760   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-4076   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1975   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-1737   High      
+bind-tools  9.18.27-r0            apk        CVE-2024-0760   High      
+curl        8.9.0-r0              apk        CVE-2024-7264   Unknown   
+stdlib      go1.22.2              go-module  CVE-2024-24790  Critical  
+stdlib      go1.22.2              go-module  CVE-2024-24791  High      
+stdlib      go1.22.2              go-module  CVE-2024-24789  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24787  Medium    
+stdlib      go1.22.2              go-module  CVE-2024-24788  Unknown
 ```
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "20", "color": "orange"}
		{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "14", "color": "orange"}