Skip to content

Instantly share code, notes, and snippets.

View sfowl's full-sized avatar

sfowl

3 followers · 1 following
  • Red Hat
  • Australia
View GitHub Profile
@sfowl
sfowl / 4-7-first-fix
Created February 22, 2021 05:37
CVE-2020-27813 openshift-enterprise-console-container
1902123 4.7.0 VERIFIED
CVE-2021-20182 openshift-enterprise-builder-container
1915139 4.7.0 VERIFIED
1915138 4.6.z CLOSED ERRATA
1915137 4.5.z CLOSED ERRATA
1915136 4.4.z CLOSED ERRATA
CVE-2020-8566 openshift-enterprise-hyperkube-container
1887292 4.7.0 VERIFIED
1887748 4.6.z CLOSED ERRATA
@sfowl
sfowl / krb-conf
Created February 18, 2021 07:18
==> /etc/krb5.conf <==
# To opt out of the system crypto-policies configuration of krb5, remove the
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
@sfowl
sfowl / pkg-why.txt
Created January 29, 2021 09:12
k8s.io/cli-runtime/pkg/resource
golang.org/x/text/encoding/unicode
golang.org/x/text/runes
golang.org/x/text/runes.test
golang.org/x/text/language
github.com/containernetworking/cni/pkg/skel.test
github.com/directxman12/k8s-prometheus-adapter/pkg/custom-provider.test
github.com/dougbtv/whereabouts/cmd.test
github.com/intel/network-resources-injector/pkg/webhook.test
@sfowl
sfowl / parse-map.txt
Created January 22, 2021 08:16
-> x/text/cmd/gotext/examples/extract_http/pkg/pkg.go:Generize()
-> x/text/message/catalog.go:MatchLanguage()
-> x/text/language/match.go:MatchStrings()
-> x/text/language/parse.go:ParseAcceptLanguage()
-> x/text/language/parse.go:Parse()
-> x/text/collate/maketables.go:main()
-> x/text/collate/maketables.go:parseCollation()
-> x/text/language/parse.go:Parse()
@sfowl
sfowl / update.sh
Created January 13, 2021 07:59
#!/usr/bin/bash
# prereqs and token code written by Joel Smith
allprereqs=1
for i in cat shyaml hub jq curl git; do
if ! command -v $i &> /dev/null; then
echo $?
echo "Missing prerequisite: $i"
allprereqs=0
@sfowl
sfowl / update.sh
Last active January 12, 2021 08:25
#!/usr/bin/bash
# prereqs and token code written by Joel Smith
allprereqs=1
for i in cat shyaml hub jq curl git; do
if ! command -v $i &> /dev/null; then
echo $?
echo "Missing prerequisite: $i"
allprereqs=0
@sfowl
sfowl / errant-containers
Created January 7, 2021 08:19
assisted-installer-agent-container-v4.6.0-54
assisted-installer-container-v4.6.0-55
assisted-installer-reporter-container-v4.6.0-52
cluster-logging-operator-metadata-container-v4.6.0.202011221454.p0-1
cluster-nfd-operator-metadata-container-v4.6.0.202012050130.p0-1
cnf-tests-container-v4.6.0-32
compliance-content-container-v4.6.0-8
dpdk-base-container-v4.6.0-5.1604454995
elasticsearch-operator-metadata-container-v4.6.0.202011221454.p0-1
local-storage-operator-metadata-container-v4.6.0.202012050130.p0-1
@sfowl
sfowl / scanning-with-oscap.md
Created December 7, 2020 08:07
@sfowl
sfowl / query
Created December 3, 2020 23:54
$ dnf repoquery --latest-limit=1 --repoid=fedora-source -a --qf="#%{NAME} [%{REQUIRES}]" | sed -r ':a;$!{N;s/\n//;ba}; s/([^\r]*)\r\n/\1 /g; s/#/\r\n/g' | grep -E 'golang|go-tool|go-compiler' | awk '{print $1}' | sort -u > golang-rpms
$ grep -v github /tmp/golang-rpms | grep -v golang
arduino-builder
buildah
caddy
cadvisor
cheat
containerd
containernetworking-plugins
cri-tools
@sfowl
sfowl / closed-golang-stdlib-bugs.txt
Created November 12, 2020 06:44
$ bugzilla --ensure-logged-in query --json --from-url "buglist.cgi?product=OpenShift%20Container%20Platform&keywords=SecurityTracking&summary=CVE-2020-15586&status=CLOSED" | jq -r '.bugs[] | "----\n" + .summary + "\n" + .comments[-1].text'
----
CVE-2020-15586 CVE-2020-16845 ignition: various flaws [openshift-4]
Fixed by below advisory, used FixCVENames to associate CVEs:
https://access.redhat.com/errata/RHBA-2020:4197
----
CVE-2020-15586 CVE-2020-16845 openshift-clients: various flaws [openshift-4]
Fixed in below advisory, used FixCVENames to asssociate CVEs: