Ran
|
Jobs
1
|
Files
51
|
Run time
1min
|
Badge
README BADGES
|
push
github
chore: bump github.com/containers/image/v5 from 5.30.0 to 5.30.1 (#949) Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.30.0 to 5.30.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/containers/image/releases">github.com/containers/image/v5's releases</a>.</em></p> <blockquote> <h2>v5.30.1</h2> <p>This fixes CVE-2024-3727 .</p> <p>Digest values used throughout this library were not always validated. That allowed attackers to trigger, when pulling untrusted images, unexpected authenticated registry accesses on behalf of a victim user.</p> <p>In less common uses of this library (using other transports or not using the <code>containers/image/v5/copy.Image</code> API), an attacker could also trigger local path traversals or crashes.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/containers/image/commit/56e750a2c"><code>56e750a</code></a> Release 5.30.1</li> <li><a href="https://github.com/containers/image/commit/132678b47"><code>132678b</code></a> Merge pull request <a href="https://redirect.github.com/containers/image/issues/2404">#2404</a> from mtrmac/digest-unmarshal-5.30</li> <li><a href="https://github.com/containers/image/commit/b724ee772"><code>b724ee7</code></a> Validate the tags returned by a registry</li> <li><a href="https://github.com/containers/image/commit/a9225e40c"><code>a9225e4</code></a> Call .Validate() before digest.Digest.String() if necessary</li> <li><a href="https://github.com/containers/image/commit/4a3785ddd"><code>4a3785d</code></a> Refactor the error handling further</li> <li><a href="https://github.com/containers/image/commit/a802d658e"><code>a802d65</code></a> Refactor... (continued)
3221 of 5031 relevant lines covered (64.02%)
19.68 hits per line
ID | Job ID | Ran | Files | Coverage | |
---|---|---|---|---|---|
1 | 9204901829.1 | 51 |
64.02 |
GitHub Action Run |
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line |
---|