From 4f6728db58ab4cab71dd1ac47f94ff1fe4fc7b7a Mon Sep 17 00:00:00 2001 From: Gareth Jones Date: Sat, 14 Oct 2023 07:25:49 +1300 Subject: [PATCH] test: update e2e fixtures (#228) --- fixtures/locks-e2e/1-Pipfile.lock.out.txt | 4 +++- fixtures/locks-e2e/2-go.mod.out.txt | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/fixtures/locks-e2e/1-Pipfile.lock.out.txt b/fixtures/locks-e2e/1-Pipfile.lock.out.txt index 4dda3e19..5e4e5f2d 100644 --- a/fixtures/locks-e2e/1-Pipfile.lock.out.txt +++ b/fixtures/locks-e2e/1-Pipfile.lock.out.txt @@ -7,6 +7,8 @@ fixtures/locks-e2e/1-Pipfile.lock: found 114 packages ansible@7.2.0 is affected by the following vulnerabilities: PYSEC-2020-220: A flaw was found in Ansible Base when using the aws_ssm connection plugin as... PYSEC-2021-125: A flaw was found in Ansible where the secret information present in async_files... + ansible-core@2.14.2 is affected by the following vulnerabilities: + GHSA-ww3m-ffrm-qvqv: Ansible may expose private key (https://github.com/advisories/GHSA-ww3m-ffrm-qvqv) certifi@2023.5.7 is affected by the following vulnerabilities: GHSA-xqr8-7jwr-rhp7: Removal of e-Tugra root certificate (https://github.com/advisories/GHSA-xqr8-7jwr-rhp7) cryptography@41.0.1 is affected by the following vulnerabilities: @@ -35,4 +37,4 @@ fixtures/locks-e2e/1-Pipfile.lock: found 114 packages GHSA-33pv-vcgh-jfg9: Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files (https://github.com/advisories/GHSA-33pv-vcgh-jfg9) GHSA-5286-f2rf-35c2: Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views (https://github.com/advisories/GHSA-5286-f2rf-35c2) - 21 known vulnerabilities found in fixtures/locks-e2e/1-Pipfile.lock + 22 known vulnerabilities found in fixtures/locks-e2e/1-Pipfile.lock diff --git a/fixtures/locks-e2e/2-go.mod.out.txt b/fixtures/locks-e2e/2-go.mod.out.txt index 08d349c8..199fe737 100644 --- a/fixtures/locks-e2e/2-go.mod.out.txt +++ b/fixtures/locks-e2e/2-go.mod.out.txt @@ -23,17 +23,18 @@ fixtures/locks-e2e/2-go.mod: found 73 packages GHSA-8c26-wmh5-6g9v: golang.org/x/crypto/ssh Denial of service via crafted Signer (https://github.com/advisories/GHSA-8c26-wmh5-6g9v) GHSA-gwc9-m7rh-j2ww: x/crypto/ssh vulnerable to panic via malformed packets (https://github.com/advisories/GHSA-gwc9-m7rh-j2ww) golang.org/x/net@0.0.0-20210326060303-6b1517762897 is affected by the following vulnerabilities: + GHSA-2wrh-6pvc-2jm9: Improper rendering of text nodes in golang.org/x/net/html (https://github.com/advisories/GHSA-2wrh-6pvc-2jm9) + GHSA-4374-p667-p6c8: HTTP/2 rapid reset can cause excessive work in net/http (https://github.com/advisories/GHSA-4374-p667-p6c8) GHSA-69cg-p879-7622: golang.org/x/net/http2 Denial of Service vulnerability (https://github.com/advisories/GHSA-69cg-p879-7622) GHSA-83g2-8m93-v3w7: golang.org/x/net/html Infinite Loop vulnerability (https://github.com/advisories/GHSA-83g2-8m93-v3w7) GHSA-h86h-8ppg-mxmh: golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion (https://github.com/advisories/GHSA-h86h-8ppg-mxmh) GHSA-vvpx-j8f3-3w6h: Uncontrolled Resource Consumption (https://github.com/advisories/GHSA-vvpx-j8f3-3w6h) GO-2022-0288: Unbounded memory growth in net/http and golang.org/x/net/http2 GO-2022-1144: Excessive memory growth in net/http and golang.org/x/net/http2 - GO-2023-1988: Improper rendering of text nodes in golang.org/x/net/html golang.org/x/sys@0.0.0-20210502180810-71e4cd670f79 is affected by the following vulnerabilities: GHSA-p782-xgp4-8hr8: golang.org/x/sys/unix has Incorrect privilege reporting in syscall (https://github.com/advisories/GHSA-p782-xgp4-8hr8) golang.org/x/text@0.3.5 is affected by the following vulnerabilities: GHSA-69ch-w2m2-3vjp: golang.org/x/text/language Denial of service via crafted Accept-Language header (https://github.com/advisories/GHSA-69ch-w2m2-3vjp) GHSA-ppp9-7jff-5vj2: golang.org/x/text/language Out-of-bounds Read vulnerability (https://github.com/advisories/GHSA-ppp9-7jff-5vj2) - 24 known vulnerabilities found in fixtures/locks-e2e/2-go.mod + 25 known vulnerabilities found in fixtures/locks-e2e/2-go.mod