Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Clair configuration
6 views
Skip to first unread message
Arina Stebenkova
Nov 15, 2024, 4:06:57 PM11/15/24
to clai...@googlegroups.com
Hi there,
Our team recently switched from Clair v2 to v4, and everything works smoothly. However, we noticed a significant number of redundant package CVEs. This appears to be caused by the inclusion of subpackages of the main package (e.g., libpython, libc, and other lib*). We did not experience this behavior with Clair v2.
Could you please let me know if there is a configuration parameter or any other way to exclude these subpackages?
Thanks!
|
|
Arina Stebenkova
DevOps Engineer
|
Joseph Crosland
Nov 15, 2024, 4:18:07 PM11/15/24
to clair-dev
Hi!
Glad to hear it was (somewhat) smooth. Can you be more specific about which c/images you're seeing these CVEs in and include some vulnerability reports. There are no specific configuration parameters that would ostensibly change how the vulnerabilities are queried (except including/excluding unpatched RHEL vulnerabilities) so think the eventual answer will be "no", but would need to dig deeper.
Thanks,
Crozzy
Reply all
Reply to author
Forward
0 new messages