
False Positives for Docker binary on macOS #25571

Closed
rebeccaui opened this issue Jan 17, 2025 · 7 comments
Labels: bug (Something isn't working as documented), customer-flavia, :help-customers (Customer success issue), :release (Ready to write code. Scheduled in a release. See "Making changes" in handbook), :reproduce (Involves documenting reproduction steps in the issue), ~vulnerability-management

Comments

@rebeccaui (Contributor) commented:

Fleet version: 4.60.0

Web browser and operating system: macOS 15.2


💥  Actual behavior

The Homebrew package shows a bunch of vulnerabilities, but the native app bundle does not. It is listed as vulnerable to CVE-2018-10892, CVE-2019-13139, CVE-2019-13509, +5 more.

(three screenshots attached, not reproduced here)

🧑‍💻  Steps to reproduce

  1. TODO
  2. TODO

🕯️ More info (optional)

N/A

@rebeccaui rebeccaui added :incoming New issue in triage process. :reproduce Involves documenting reproduction steps in the issue bug Something isn't working as documented customer-flavia ~vulnerability-management labels Jan 17, 2025
@JoStableford (Contributor) commented:

Linked to Unthread ticket:

False positives in docker binary on macOS #4184

@iansltx (Member) commented Jan 19, 2025:

Resolution here would be to upgrade to 4.62+, as #22944 removes the duplicate Homebrew package when we track the same title via apps, and that would take care of this. If the customer can still repro this after an upgrade to at least 4.62, we can dig further.
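
The deduplication iansltx refers to, written out as an added illustration (this is not Fleet's code and not part of the issue thread): a macOS host reports Docker twice, once from the `apps` table as the native bundle and once from `homebrew_packages` as the cask, and only the Homebrew row attracts CVEs in the matching step. The `Software` struct, the `titleKey` normalization (strip `.app`, lower-case), the `source:name` match key and the sample inventory and CVE table are all assumptions constructed for this example; the three CVE IDs are the ones quoted in the issue.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Software is a hypothetical, simplified inventory row used for this
// illustration; Fleet's own software struct has more fields. Source names
// the osquery table the row came from.
type Software struct {
	Name    string
	Version string
	Source  string // "apps" (macOS bundle) or "homebrew_packages"
}

// SampleInventory is a constructed macOS inventory: Docker is reported
// twice, once as the native bundle and once as the Homebrew cask.
func SampleInventory() []Software {
	return []Software{
		{Name: "Docker.app", Version: "4.37.1", Source: "apps"},
		{Name: "docker", Version: "4.37.1", Source: "homebrew_packages"},
		{Name: "git", Version: "2.47.1", Source: "homebrew_packages"},
		{Name: "Safari.app", Version: "18.2", Source: "apps"},
	}
}

// SampleMatches is a constructed lookup standing in for the CPE/NVD
// matching step: only the Homebrew "docker" row attracts CVEs (the three
// listed in the issue); the bundle row matches nothing.
func SampleMatches() map[string][]string {
	return map[string][]string{
		"homebrew_packages:docker": {"CVE-2018-10892", "CVE-2019-13139", "CVE-2019-13509"},
	}
}

// titleKey folds "Docker.app" (apps) and "docker" (Homebrew) onto one key.
// Stripping ".app" and lower-casing is an assumption for this example,
// not Fleet's actual matching rule.
func titleKey(s Software) string {
	return strings.ToLower(strings.TrimSuffix(s.Name, ".app"))
}

// DedupeHomebrewAgainstApps drops a homebrew_packages row whenever an apps
// row with the same title is present, keeping the native bundle entry.
func DedupeHomebrewAgainstApps(inv []Software) []Software {
	fromApps := map[string]bool{}
	for _, s := range inv {
		if s.Source == "apps" {
			fromApps[titleKey(s)] = true
		}
	}
	out := make([]Software, 0, len(inv))
	for _, s := range inv {
		if s.Source == "homebrew_packages" && fromApps[titleKey(s)] {
			continue // duplicate of a tracked app bundle
		}
		out = append(out, s)
	}
	return out
}

// HostVulnerabilities collects the CVEs the matcher would attach to a host
// for the given inventory, de-duplicated and sorted for stable output.
func HostVulnerabilities(inv []Software, matches map[string][]string) []string {
	seen := map[string]bool{}
	var cves []string
	for _, s := range inv {
		for _, cve := range matches[s.Source+":"+s.Name] {
			if !seen[cve] {
				seen[cve] = true
				cves = append(cves, cve)
			}
		}
	}
	sort.Strings(cves)
	return cves
}

func main() {
	inv := SampleInventory()
	fmt.Println("before dedupe:", HostVulnerabilities(inv, SampleMatches()))
	fmt.Println("after dedupe: ", HostVulnerabilities(DedupeHomebrewAgainstApps(inv), SampleMatches()))
}
```

Run as-is, the first line lists the three CVEs and the second is empty: once the Homebrew row is dropped in favour of the bundle, nothing is left for the matcher to flag. Note the dedupe is one-directional (a Homebrew-only formula such as `git` is kept), so software installed solely via Homebrew still gets scanned.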

@iansltx iansltx added #g-software Software product group and removed :incoming New issue in triage process. labels Jan 19, 2025
@mostlikelee mostlikelee added the :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. label Jan 24, 2025
@lukeheath lukeheath added the :help-customers Customer success issue. label Jan 24, 2025
@lukeheath lukeheath removed the #g-software Software product group label Jan 24, 2025
@lukeheath (Member) commented:

@rebeccaui It sounds like getting the customer up to 4.62.0 should resolve this. Please let us know if it doesn't.

@mostlikelee FYI, I'm moving this off the software board and on to the customer success board so they can track.

@rebeccaui (Contributor, Author) commented:

@lukeheath @iansltx They upgraded to 4.62.2, and the issue does not appear to have changed.

@iansltx (Member) commented Jan 27, 2025:

@rebeccaui Given that they're using the default vulnerabilities interval of one hour, it will take two hours for false positives to fall off of the list. Has it been that long?

@rebeccaui (Contributor, Author) commented:

@iansltx You are correct, and I've been given confirmation that this issue is resolved!

@iansltx iansltx closed this as completed Jan 28, 2025
@fleet-release (Contributor) commented:

Docker bug in sight,
False positives cloud the view,
Fleet brings the light.
