moves to common trivyignore

JackSpagnoliNHS · JackSpagnoliNHS · commit ce7e82970af0 · 2026-02-26T12:03:06.000Z
diff --git a/src/base/.trivyignore.yaml b/src/base/.trivyignore.yaml
@@ -1,42 +1 @@
 vulnerabilities:
-  - id: CVE-2024-35870
-    statement: "kernel: smb: client: fix UAF in smb2_reconnect_server()"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2024-53179
-    statement: "kernel: smb: client: fix use-after-free of signing key"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2025-37849
-    statement: "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2025-37899
-    statement: "kernel: ksmbd: fix use-after-free in session logoff"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2025-38118
-    statement: "kernel: Linux kernel: Bluetooth MGMT use-after-free vulnerability allows privilege escalation"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2026-23111
-    statement: "kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check"
-    purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
-    expired_at: 2026-08-26
-  - id: CVE-2025-61594
-    statement: "uri: URI module: Credential exposure via URI + operator"
-    purls:
-      - "pkg:gem/uri@0.13.0"
-    expired_at: 2026-08-26
diff --git a/src/common/.trivyignore.yaml b/src/common/.trivyignore.yaml
@@ -2,28 +2,44 @@ vulnerabilities:
   - id: CVE-2024-35870
     statement: "kernel: smb: client: fix UAF in smb2_reconnect_server()"
     purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-170.180?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2024-53179
     statement: "kernel: smb: client: fix use-after-free of signing key"
     purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-170.180?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2025-37849
     statement: "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation"
     purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-170.180?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2025-37899
     statement: "kernel: ksmbd: fix use-after-free in session logoff"
     purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-170.180?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2025-38118
     statement: "kernel: Linux kernel: Bluetooth MGMT use-after-free vulnerability allows privilege escalation"
     purls:
-      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-170.180?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
+  - id: CVE-2026-23111
+    statement: "kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-171.181?arch=arm64&distro=ubuntu-22.04"
+    expired_at: 2026-08-26
+  - id: CVE-2025-61594
+    statement: "uri: URI module: Credential exposure via URI + operator"
+    purls:
+      - "pkg:gem/uri@0.13.0"
+    expired_at: 2026-08-26
   - id: CVE-2026-26007
     statement: "cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
     purls:
