Address High vulnerabilities in OVMS SNYK scan #192

heyselbi · 2023-09-14T16:53:31Z

Link to SNYK report

Address 4 high vulnerabilities in openvino-model-server, upstream first.
(highly recommended, but not required) Address 2 high vulnerabilities in [quay scan]
sync ovms/main with odh/main
cherry pick from odh/main to odh/2023.1 the security fixes

(https://quay.io/repository/opendatahub/openvino_model_server/manifest/sha256:2cbe8a48ab0bc6fe7fb76919bf33253e83a6218a9c4b486b744c3dcf30679616?tab=vulnerabilities), upstream first.

spolti · 2023-10-27T17:13:53Z

Cant add upstream PR on development.

OpenVINO Critical/High vuls:

Security fixes merged as part of openvinotoolkit/model_server#2136

spolti · 2023-11-10T17:56:30Z

Community: Image update: openvinotoolkit/model_server#2140

https://github.com/openvinotoolkit/model_server/commit/03c29f788a284f2e6eb4332c79a87b3daeb5ba22

I was not able to reproduce a odh build to run the Clair scan against it.
Create this PR opendatahub-io/openvino_model_server#3 hoping this would build, and push to quay, yes?

Cherry-pick:
- Update ubi tag to the latest available openvino_model_server#4

spolti · 2023-11-10T19:30:51Z

ODH merged, quay scan is green:

spolti · 2023-11-14T13:43:47Z

ODH Cherry-picks:

Sec fixes openvinotoolkit/model_server#2110
- Sec fixes 2023.1 openvino_model_server#5
Minor CVEs openvinotoolkit/model_server#2111
- CVE fixes openvino_model_server#6
Address security issues openvinotoolkit/model_server#2112
- Address security issues openvino_model_server#7 (this one was a little bit trick since the Dockerfile from main branch is a little bit different).
minor security fixes openvinotoolkit/model_server#2113
- minor security fixes openvino_model_server#8
address security issues openvinotoolkit/model_server#2114
- there is no need to do this change on tne 2023.1 release branch since there is no go.mod file there: https://github.com/opendatahub-io/openvino_model_server/tree/2023.1-release/demos/image_classification/go

Main branch sync

Merge remote-tracking branch 'ovms/main' into 'odh/main' openvino_model_server#9

heyselbi added the odh-1.11 label Oct 9, 2023

danielezonca assigned spolti Oct 9, 2023

heyselbi added rhods-2.5 rhods-2.4 and removed rhods-2.5 labels Oct 12, 2023

heyselbi mentioned this issue Oct 16, 2023

[DEV TRACKER] Model Serving Requirements for Q4 opendatahub-io/kserve#92

Closed

heyselbi added rhods-2.5 and removed rhods-2.4 labels Oct 25, 2023

heyselbi changed the title ~~Address "High" vulnerabilities in SNYK scan of modelmesh repos~~ Address High vulnerabilities in OVMS SNYK scan Oct 31, 2023

heyselbi mentioned this issue Oct 31, 2023

Address High vulnerabilities in OVMS #250

Closed

2 tasks

spolti closed this as completed Nov 16, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Address High vulnerabilities in OVMS SNYK scan #192

Address High vulnerabilities in OVMS SNYK scan #192

heyselbi commented Sep 14, 2023 •

edited by spolti

spolti commented Oct 27, 2023 •

edited

spolti commented Nov 10, 2023 •

edited

spolti commented Nov 10, 2023

spolti commented Nov 14, 2023 •

edited

Address High vulnerabilities in OVMS SNYK scan #192

Address High vulnerabilities in OVMS SNYK scan #192

Comments

heyselbi commented Sep 14, 2023 • edited by spolti

spolti commented Oct 27, 2023 • edited

spolti commented Nov 10, 2023 • edited

spolti commented Nov 10, 2023

spolti commented Nov 14, 2023 • edited

heyselbi commented Sep 14, 2023 •

edited by spolti

spolti commented Oct 27, 2023 •

edited

spolti commented Nov 10, 2023 •

edited

spolti commented Nov 14, 2023 •

edited