From 0d9d7bd79fad923d2ca810ddfa6feb33d85b3979 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <101908552+octo-sts@users.noreply.github.com> Date: Wed, 20 Mar 2024 22:06:55 +0000 Subject: [PATCH] Adding Advisory GHSA-8r3f-844c-mc37 for tekton-chains --- tekton-chains.advisories.yaml | 43 +++++++++++++++++++++++++---------- 1 file changed, 31 insertions(+), 12 deletions(-) diff --git a/tekton-chains.advisories.yaml b/tekton-chains.advisories.yaml index 43827426d..7a2fbb46c 100644 --- a/tekton-chains.advisories.yaml +++ b/tekton-chains.advisories.yaml @@ -79,21 +79,26 @@ advisories: data: fixed-version: 0.19.0-r6 - - id: GHSA-2c7c-3mj9-8fqh - events: - - timestamp: 2023-12-14T09:33:13Z - type: fixed - data: - fixed-version: 0.19.0-r3 - - - id: GHSA-9763-4f94-gfch + - id: CVE-2024-24786 + aliases: + - GHSA-8r3f-844c-mc37 events: - - timestamp: 2024-01-24T07:48:56Z - type: fixed + - timestamp: 2024-03-20T22:06:53Z + type: detection data: - fixed-version: 0.19.0-r6 + type: scan/v1 + data: + subpackageName: tekton-chains + componentID: 775e84de213e32a7 + componentName: google.golang.org/protobuf + componentVersion: v1.32.0 + componentType: go-module + componentLocation: /usr/bin/tekton-chains + scanner: grype - - id: GHSA-c5q2-7r4c-mv6g + - id: CVE-2024-28180 + aliases: + - GHSA-c5q2-7r4c-mv6g events: - timestamp: 2024-03-08T07:18:57Z type: detection @@ -112,6 +117,20 @@ advisories: data: fixed-version: 0.20.0-r3 + - id: GHSA-2c7c-3mj9-8fqh + events: + - timestamp: 2023-12-14T09:33:13Z + type: fixed + data: + fixed-version: 0.19.0-r3 + + - id: GHSA-9763-4f94-gfch + events: + - timestamp: 2024-01-24T07:48:56Z + type: fixed + data: + fixed-version: 0.19.0-r6 + - id: GHSA-jq35-85cj-fj4p events: - timestamp: 2023-12-14T09:33:02Z