CVE Security Vulnerability Resolution

David Ko edited this page Aug 10, 2023 · 2 revisions

How Longhorn handles CVE issues

Longhorn uses Trivy to scan for vulnerability issues in Longhorn deliverable artifacts (container images) and component application binaries (library dependencies).

In each Longhorn release, regardless of the type (major, minor, or patch), all Longhorn container images will be updated with the latest security patches provided by BCI (https://www.suse.com/products/base-container-images/). This ensures that critical issues are resolved if BCI has provided the corresponding fixes.

In addition to updating host packages, the dependencies of each Longhorn component will be updated to fix vulnerability issues when a corresponding security patch is provided.
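
The split described above (image packages fixed through BCI updates, component dependencies fixed by updating them, each only when a patch exists) can be applied to a Trivy JSON report. This is an added example, not Longhorn's own tooling: the report is constructed, with placeholder image, package and CVE names, and the action labels are hypothetical.

```python
import json

# Constructed sample shaped like `trivy image --format json` output.
# Image name, package names and CVE ids are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "example.invalid/longhorn-component:placeholder",
    "Results": [
        {"Target": "base image packages", "Class": "os-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample1",
             "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "exampletool",
             "InstalledVersion": "2.3-4", "FixedVersion": "", "Severity": "HIGH"},
        ]},
        {"Target": "usr/local/bin/component", "Class": "lang-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "example.invalid/lib/parser",
             "InstalledVersion": "v0.4.0", "FixedVersion": "0.4.1", "Severity": "MEDIUM"},
        ]},
        {"Target": "clean target", "Class": "lang-pkgs"},  # no findings key at all
    ],
})

# Hypothetical action labels: (Trivy result class, fix available?) -> next step.
ACTIONS = {
    ("os-pkgs", True): "rebuild-on-updated-base-image",
    ("os-pkgs", False): "wait-for-base-image-fix",
    ("lang-pkgs", True): "update-dependency",
    ("lang-pkgs", False): "wait-for-upstream-fix",
}

def triage(report_json):
    """Map each finding to a remediation path from its class and fix status."""
    report = json.loads(report_json)
    plan = []
    for result in report.get("Results") or []:
        cls = result.get("Class", "unknown")
        # Trivy omits "Vulnerabilities" when a target has no findings.
        for vuln in result.get("Vulnerabilities") or []:
            fixed = bool((vuln.get("FixedVersion") or "").strip())
            plan.append({
                "id": vuln["VulnerabilityID"],
                "package": vuln["PkgName"],
                "severity": vuln.get("Severity", "UNKNOWN"),
                "action": ACTIONS.get((cls, fixed), "manual-review"),
            })
    return plan

if __name__ == "__main__":
    for item in triage(SAMPLE_REPORT):
        print("{severity:9} {id:14} {package:28} {action}".format(**item))
```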

What's the BCI image Longhorn is using

SUSE Linux Enterprise Base Container Images (SLE BCI) provide truly open, flexible, and secure container images and application development tools. The images consist of container environments based on SUSE Linux Enterprise and are designed to be a secure base for any containerized workload.