Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Catalog haproxy binary #1512

Closed
witchcraze opened this issue Jan 25, 2023 · 0 comments · Fixed by #1591
Closed

Catalog haproxy binary #1512

witchcraze opened this issue Jan 25, 2023 · 0 comments · Fixed by #1591
Labels
enhancement New feature or request

Comments

@witchcraze
Copy link
Contributor

What would you like to be added:

An additional file classifier which finds haproxy binary.

Why is this needed:

haproxy is widely used.

pullCount : 500M+
starCount : 1.8K+
from https://hub.docker.com/_/haproxy

haproxy will be installed without a package manger in container env with official image.
We want to be able to catalog this.

$ syft -q haproxy | grep haproxy
$ 

$ docker run -it --rm haproxy haproxy -v
HAProxy version 2.7.2-7e295dd 2023/01/20 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2024.
Known bugs: http://www.haproxy.org/bugs/bugs-2.7.2.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

Additional context:

cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* is used in NVD
https://nvd.nist.gov/vuln/detail/CVE-2021-40346

EOL
http://www.haproxy.org/

DOCKER OFFICIAL IMAGE : haproxy:2.7

$ which haproxy
/usr/local/sbin/haproxy

$ /usr/local/sbin/haproxy -v
HAProxy version 2.7.2-7e295dd 2023/01/20 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2024.
Known bugs: http://www.haproxy.org/bugs/bugs-2.7.2.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.7\.2'
2.7.2-7e295dd
 version 2.7.2-7e295dd, released 2023/01/20
2.7.2-7e295dd

DOCKER OFFICIAL IMAGE : haproxy:2.6

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HAProxy version 2.6.8-ab6ee7f 2023/01/24 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2027.
Known bugs: http://www.haproxy.org/bugs/bugs-2.6.8.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.6\.8'
2.6.8-ab6ee7f
 version 2.6.8-ab6ee7f, released 2023/01/24
2.6.8-ab6ee7f

DOCKER OFFICIAL IMAGE : haproxy:2.5

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HAProxy version 2.5.11-1275e54 2023/01/24 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2023.
Known bugs: http://www.haproxy.org/bugs/bugs-2.5.11.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.5\.11'
2.5.11-1275e54
 version 2.5.11-1275e54, released 2023/01/24
2.5.11-1275e54

DOCKER OFFICIAL IMAGE : haproxy:2.4

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HAProxy version 2.4.20-d59cd78 2022/12/09 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.20.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.4\.20'
2.4.20-d59cd78
 version 2.4.20-d59cd78, released 2022/12/09
2.4.20-d59cd78

DOCKER OFFICIAL IMAGE : haproxy:2.3

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 2.3.21-3ce4ee0 2022/07/27 - https://haproxy.org/
Status: End of life - please upgrade to branch 2.4.
Known bugs: http://www.haproxy.org/bugs/bugs-2.3.21.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.3\.21'
version="2.3.21-3ce4ee0"
 version 2.3.21-3ce4ee0, released 2022/07/27
2.3.21-3ce4ee0

DOCKER OFFICIAL IMAGE : haproxy:2.2

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 2.2.26-97059ba 2022/12/09 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2025.
Known bugs: http://www.haproxy.org/bugs/bugs-2.2.26.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.2\.26'
version="2.2.26-97059ba"
 version 2.2.26-97059ba, released 2022/12/09
2.2.26-97059ba

DOCKER OFFICIAL IMAGE : haproxy:2.1

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HAProxy version 2.5.11-1275e54 2023/01/24 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2023.
Known bugs: http://www.haproxy.org/bugs/bugs-2.5.11.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/local/sbin/haproxy | grep '2\.1\.12'
version="2.1.12-529bae5"
 version 2.1.12-529bae5, released 2021/03/18
2.1.12-529bae5

DOCKER OFFICIAL IMAGE : haproxy:2.0

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 2.0.30-2ad13fe 2022/12/09 - https://haproxy.org/

# strings /usr/local/sbin/haproxy | grep '2\.0\.30'
version="2.0.30-2ad13fe"
 version 2.0.30-2ad13fe, released 2022/12/09
2.0.30-2ad13fe

DOCKER OFFICIAL IMAGE : haproxy:1.9

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 1.9.16 2020/07/31 - https://haproxy.org/
No more fixes for branch 1.9 past this version, please upgrade to branch 2.0!

# strings /usr/local/sbin/haproxy | grep '1\.9\.16'
1.9.16
 version 1.9.16, released 2020/07/31
HA-Proxy version 1.9.16 2020/07/31 - https://haproxy.org/

DOCKER OFFICIAL IMAGE : haproxy:1.8

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 1.8.31-930270d 2022/12/09
Copyright 2000-2022 Willy Tarreau <willy@haproxy.org>

# strings /usr/local/sbin/haproxy | grep '1\.8\.31'
1.8.31-930270d
 version 1.8.31-930270d, released 2022/12/09
HA-Proxy version 1.8.31-930270d 2022/12/09

DOCKER OFFICIAL IMAGE : haproxy:1.7

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 1.7.14 2021/03/31
Copyright 2000-2021 Willy Tarreau <willy@haproxy.org>

# strings /usr/local/sbin/haproxy | grep '1\.7\.14'
HA-Proxy version 1.7.14 2021/03/31
1.7.14
 version 1.7.14, released 2021/03/31

DOCKER OFFICIAL IMAGE : haproxy:1.6

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 1.6.15 2019/10/25
Copyright 2000-2019 Willy Tarreau <willy@haproxy.org>

# strings /usr/local/sbin/haproxy | grep '1\.6\.15'
HA-Proxy version 1.6.15 2019/10/25
 version 1.6.15, released 2019/10/25
Version: 1.6.15

DOCKER OFFICIAL IMAGE : haproxy:1.5

# which haproxy
/usr/local/sbin/haproxy

# /usr/local/sbin/haproxy -v
HA-Proxy version 1.5.19 2016/12/25
Copyright 2000-2016 Willy Tarreau <willy@haproxy.org>

# strings /usr/local/sbin/haproxy | grep '1\.5\.19'
HA-Proxy version 1.5.19 2016/12/25
 version 1.5.19, released 2016/12/25
Version: 1.5.19

Ubuntu 22.04 + OS Package (This will be shown as package)

# which haproxy
/usr/sbin/haproxy

# /usr/sbin/haproxy -v
HAProxy version 2.4.18-0ubuntu1.1 2023/01/19 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.18.html
Running on: Linux 5.15.79.1-microsoft-standard-WSL2 #1 SMP Wed Nov 23 01:01:46 UTC 2022 x86_64

# strings /usr/sbin/haproxy | grep '2\.4\.18'
2.4.18-0ubuntu1.1
2.4.18-0ubuntu1.1
 version 2.4.18-0ubuntu1.1, released 2023/01/19

RHEL8 + OS Package (This will be shown as package)

# which haproxy
/usr/sbin/haproxy

# /usr/sbin/haproxy -v
HA-Proxy version 1.8.27-493ce0b 2020/11/06
Copyright 2000-2020 Willy Tarreau <willy@haproxy.org>

# strings /usr/sbin/haproxy | grep '1\.8\.27'
1.8.27-493ce0b
 version 1.8.27-493ce0b, released 2020/11/06
HA-Proxy version 1.8.27-493ce0b 2020/11/06
haproxy-1.8.27-5.el8.x86_64.debug
@witchcraze witchcraze added the enhancement New feature or request label Jan 25, 2023
This was referenced Feb 18, 2023
Closed
Merged
This was referenced Mar 2, 2023
Closed
Closed
Closed
Closed
Merged
Merged
Closed
Closed
Open
Open
Open
Open
Open
This was referenced Mar 10, 2023
Open
Closed
Closed
Closed
@dependabot dependabot bot mentioned this issue Mar 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

haproxy binary matcher noqcks/syft
Add haproxy binary matcher
1 participant
@witchcraze