Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Policy violation Binary Artifacts #87

Closed
allstar-app bot opened this issue Jun 3, 2022 · 15 comments
Closed

Security Policy violation Binary Artifacts #87

allstar-app bot opened this issue Jun 3, 2022 · 15 comments
Labels
allstar

Comments

@allstar-app
Copy link

allstar-app bot commented Jun 3, 2022

This issue was automatically created by Allstar.

Security Policy Violation
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • scripts/Makefile.lib
  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

Allstar has been installed on all Google managed GitHub orgs. Policies are gradually being rolled out and enforced by the GOSST and OSPO teams. Learn more at http://go/allstar

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.
@allstar-app allstar-app bot added the allstar label Jun 3, 2022
@y4ngyy
Copy link

y4ngyy commented Jun 3, 2022 via email

@allstar-app
Copy link
Author

allstar-app bot commented Jun 6, 2022

Updating issue after ping interval. Status:
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • scripts/Makefile.lib
  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

3 similar comments
@allstar-app
Copy link
Author

allstar-app bot commented Jun 8, 2022

Updating issue after ping interval. Status:
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • scripts/Makefile.lib
  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Jun 11, 2022

Updating issue after ping interval. Status:
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • scripts/Makefile.lib
  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Jun 13, 2022

Updating issue after ping interval. Status:
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • scripts/Makefile.lib
  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Jun 19, 2022

Updating issue after ping interval. Status:
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

ramosian-glider added a commit that referenced this issue Jun 30, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
369d61d 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Jul 29, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
46ff1e7 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Aug 8, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
1c3a277 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Sep 2, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
7ee3032 
Add an Allstar exemption for binaries.

Fixes #87

---
Link: https://linux-review.googlesource.com/id/I598e600cff14ecf7da763a7570f2c522afffe4e1
ramosian-glider added a commit that referenced this issue Sep 5, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
21a3755 
Add an Allstar exemption for binaries.

Fixes #87

---
Link: https://linux-review.googlesource.com/id/I598e600cff14ecf7da763a7570f2c522afffe4e1
ramosian-glider added a commit that referenced this issue Sep 14, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
df3d13d 
Add an Allstar exemption for binaries.

Fixes #87

---
Link: https://linux-review.googlesource.com/id/I598e600cff14ecf7da763a7570f2c522afffe4e1
@allstar-app allstar-app bot reopened this Oct 24, 2022
@allstar-app
Copy link
Author

allstar-app bot commented Oct 24, 2022

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Oct 27, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

7 similar comments
@allstar-app
Copy link
Author

allstar-app bot commented Oct 28, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Oct 30, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Oct 31, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Nov 2, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Nov 4, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Nov 5, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@allstar-app
Copy link
Author

allstar-app bot commented Nov 7, 2022

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • tools/perf/tests/pe-file.exe
  • tools/perf/tests/pe-file.exe.debug

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

ramosian-glider added a commit that referenced this issue Nov 14, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
e1930da 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Nov 21, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
ff955cf 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Nov 28, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
2d77b72 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Dec 5, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
b965f90 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Dec 12, 2022
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
4e8a63c 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Jan 23, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
0231d1e 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Feb 1, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
bc5e9e9 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Feb 7, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
d4c14ca 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Feb 13, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
71364b5 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Feb 20, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
785803a 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Mar 13, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
2d7446d 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Mar 20, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
5c4b09f 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Apr 3, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
daa51b4 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Apr 12, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
acfd9a6 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Apr 17, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
53aeb28 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Apr 24, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
cb13cf2 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue May 15, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
657ae90 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue May 22, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
0f3a2a9 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue May 30, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
7931af8 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Jun 19, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
1c89178 
Add an Allstar exemption for binaries.

Fixes #87
ramosian-glider added a commit that referenced this issue Jun 26, 2023
@ramosian-glider
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
70a4136 
Add an Allstar exemption for binaries.

Fixes #87
kanner pushed a commit to kanner/linux that referenced this issue Aug 2, 2023
@ramosian-glider @kanner
DO-NOT-UPSTREAM: kmsan: allstar: ignore binaries
908ef7a 
Add an Allstar exemption for binaries.

Fixes google/kmsan#87
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
allstar
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@y4ngyy