diff --git a/cmd/clair/main.go b/cmd/clair/main.go
index 58cf533bd..edc252d50 100644
--- a/cmd/clair/main.go
+++ b/cmd/clair/main.go
@@ -113,7 +113,8 @@ func Boot(config *Config, slimMode bool) {
 go func() {
 defer wg.Add(-1)
 var err error
- db, err = database.OpenWithRetries(config.Database, true, 30, 10*time.Second)
+ // Wait for the DB to be ready: 10 minutes.
+ db, err = database.OpenWithRetries(config.Database, true, 60, 10*time.Second)
 if err != nil {
 log.WithError(err).Fatal("Failed to open database despite multiple retries...")
 }
diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go
index fc25c5a5a..00c580727 100644
--- a/e2etests/testcase_test.go
+++ b/e2etests/testcase_test.go
@@ -4028,7 +4028,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda
 Name: "tomcat",
 VersionFormat: component.JavaSourceType.String(),
 Version: "9.0.59",
- FixedBy: "9.0.104",
+ FixedBy: "9.0.106",
 Location: "tomcat-embed-core-9.0.59.jar",
 Vulnerabilities: []apiV1.Vulnerability{
 {
@@ -4797,7 +4797,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda
 NamespaceName: "rhel:8",
 VersionFormat: "rpm",
 Version: "1:17.0.11.0.9-2.el8.x86_64",
- FixedBy: "1:17.0.15.0.6-2.el8",
+ FixedBy: "1:17.0.16.0.8-2.el8",
 AddedBy: "sha256:06c7a3d491f551a56296ccb9bee8a68c83776991e73a9005e8b5ebb533002097",
 },
 },
@@ -4816,7 +4816,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda
 NamespaceName: "rhel:8",
 VersionFormat: "rpm",
 Version: "1:17.0.13.0.11-3.el8.x86_64",
- FixedBy: "1:17.0.15.0.6-2.el8",
+ FixedBy: "1:17.0.16.0.8-2.el8",
 AddedBy: "sha256:2f7b9495af5ddc85b0be7ca9411fddb54f37999ea73b03cbf1115dd0c5bd4f95",
 },
 },
diff --git a/e2etests/vuln_test.go b/e2etests/vuln_test.go
index 97b44f358..05c6ffec5 100644
--- a/e2etests/vuln_test.go
+++ b/e2etests/vuln_test.go
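Review bot: The new comment on the `database.OpenWithRetries` call in cmd/clair/main.go says "10 minutes", but that figure is only implied by the two literals `60` and `10*time.Second`, so a later change to either one leaves the comment wrong. Naming the values keeps them together, for example `const dbOpenRetries = 60` and `const dbRetryInterval = 10 * time.Second`, with the comment placed on the constants. If each attempt also spends time connecting before the pause (OpenWithRetries is not visible here), the real wait is longer than ten minutes, so "at least 10 minutes" would be the safer wording. Boot's body starts and ends outside the hunk.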
@@ -142,9 +142,6 @@ func TestStackroxVulnImages(t *testing.T) {
 image: "quay.io/rhacs-eng/qa:rails-cve-2016-2098",
 expectedFeatures: []feature{
 {"rails", "4.2.5.1", []expectedVuln{
- {name: "CVE-2016-2098"},
- {name: "CVE-2016-6316"},
- {name: "CVE-2016-6317"},
 {name: "CVE-2018-16476", fixedBy: "4.2.11"},
 {name: "CVE-2019-5418", fixedBy: "4.2.11.1"},
 {name: "CVE-2019-5419", fixedBy: "4.2.11.1"},
@@ -152,6 +149,16 @@ func TestStackroxVulnImages(t *testing.T) {
 },
 },
 },
+ unexpectedVulns: []feature{
+ {"rails", "4.2.5.1", []expectedVuln{
+ // These three vulns should exist, but NVD set these to deferred.
+ // Placing them here until they are no longer deferred.
+ {name: "CVE-2016-2098"},
+ {name: "CVE-2016-6316"},
+ {name: "CVE-2016-6317"},
+ },
+ },
+ },
 },
 {
 // docker.io/1and1internet/ubuntu-16-customerssh:latest
@@ -177,10 +184,6 @@ func TestStackroxVulnImages(t *testing.T) {
 {name: "CVE-2019-10086", fixedBy: ""},
 },
 },
- {"commons_fileupload", "1.3.2", []expectedVuln{
- {name: "CVE-2016-1000031", fixedBy: ""},
- },
- },
 {"guava", "18.0", []expectedVuln{
 {name: "CVE-2018-10237", fixedBy: "24.1.1"},
 },
@@ -194,6 +197,12 @@ func TestStackroxVulnImages(t *testing.T) {
 {name: "CVE-2015-2512"},
 },
 },
+ {"commons_fileupload", "1.3.2", []expectedVuln{
+ // This vuln should exist, but NVD set it to deferred.
+ // Placing it here until they are no longer deferred.
+ {name: "CVE-2016-1000031", fixedBy: ""},
+ },
+ },
 },
 },
 {
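Review bot: In the rails case, the three CVEs moved into `unexpectedVulns` make the test require that the scanner does not report them, so a known detection gap becomes the passing state. The comment explains why but gives no way to follow up; a tracking reference would help, for example `// TODO(<issue-id>): move back to expectedFeatures once NVD clears the Deferred status.` The same applies to the `commons_fileupload` entry added in the hunk at -194 and to the `logback` entry in the cassandra case. Those two entries keep `fixedBy: ""`; the matching code is not visible here, so confirm the unexpected-vuln check compares on name alone, or drop the field there. The test table starts and ends outside the hunk.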
@@ -209,17 +218,17 @@ func TestStackroxVulnImages(t *testing.T) {
 {
 // docker.io/library/cassandra:latest
 image: "quay.io/rhacs-eng/qa:cassandra",
- expectedFeatures: []feature{
- {"logback", "1.1.3", []expectedVuln{
- {name: "CVE-2017-5929", fixedBy: ""},
- },
- },
- },
 unexpectedVulns: []feature{
 {"slingshot", "0.10.3", []expectedVuln{
 {name: "CVE-2015-5711"},
 },
 },
+ {"logback", "1.1.3", []expectedVuln{
+ // This vuln should exist, but NVD set it to deferred.
+ // Placing it here until they are no longer deferred.
+ {name: "CVE-2017-5929", fixedBy: ""},
+ },
+ },
 },
 },
 {
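Review bot: After this change the cassandra case has no `expectedFeatures` block left, so it asserts only that certain vulnerabilities are absent. The checking code is outside the hunk, but if a missing `expectedFeatures` list means nothing positive is verified, a scan that returns no results at all for this image would pass. Keeping one positive expectation that the NVD deferral does not affect would keep the case meaningful. Failing that, state the limitation on the case itself, for example `// NOTE: only absence is asserted for this image until CVE-2017-5929 is no longer deferred.`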