github-actions(deps): Bump docker/build-push-action from 6.7.0 to 6…

….9.0 (#118) * github-actions(deps): Bump docker/build-push-action Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.7.0 to 6.9.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@5cd11c3...4f58ea7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * update trivy ignore --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: BrianEllwood <[email protected]>
ministryofjustice · Oct 3, 2024 · 0119d45 · 0119d45
1 parent 8428c9d
commit 0119d45
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -37,7 +37,7 @@ jobs:
 
       - name: Build and Push
         id: build_and_push
-        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
         with:
           push: true
           tags: ghcr.io/${{ github.repository }}:${{ github.ref_name }}

diff --git a/.trivyignore b/.trivyignore
@@ -5,3 +5,7 @@ CVE-2022-25883
 # .NET
 CVE-2019-0980
 CVE-2019-0981
+
+# In the Linux kernel, the following vulnerability has been resolved:
+# exec: Fix ToCToU between perm check and set-uid/gid usage
+CVE-2024-43882