Skip to content

fix: add architecture input to zarf pull in upgrade#596

Open
JeffResc wants to merge 2 commits intomainfrom
fix/add-arch-zarf-pkg-pull-upgrade
Open

fix: add architecture input to zarf pull in upgrade#596
JeffResc wants to merge 2 commits intomainfrom
fix/add-arch-zarf-pkg-pull-upgrade

Conversation

@JeffResc
Copy link
Member

Description

add architecture input to zarf pull in upgrade

Checklist before merging

  • ADR proposed if making an architectural change to the repo
  • Tests run, docs added or updated as needed

@JeffResc JeffResc requested review from a team as code owners December 19, 2025 05:00
@github-actions
Copy link
Contributor

github-actions bot commented Dec 19, 2025

nginx 1.29.4 -> 1.29.4

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 101

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
Existing vulnerabilities
ID SEVERITY URL
CVE-2025-7425 high https://security-tracker.debian.org/tracker/CVE-2025-7425
CVE-2025-65018 high https://security-tracker.debian.org/tracker/CVE-2025-65018
CVE-2025-66293 high https://security-tracker.debian.org/tracker/CVE-2025-66293
CVE-2025-59375 high https://security-tracker.debian.org/tracker/CVE-2025-59375
CVE-2025-64720 high https://security-tracker.debian.org/tracker/CVE-2025-64720
CVE-2025-64505 medium https://security-tracker.debian.org/tracker/CVE-2025-64505
CVE-2024-38950 medium https://security-tracker.debian.org/tracker/CVE-2024-38950
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-64506 medium https://security-tracker.debian.org/tracker/CVE-2025-64506
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-7709 medium https://security-tracker.debian.org/tracker/CVE-2025-7709
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-10911 medium https://security-tracker.debian.org/tracker/CVE-2025-10911
CVE-2024-38949 medium https://security-tracker.debian.org/tracker/CVE-2024-38949
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104 medium https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2013-0337 low https://security-tracker.debian.org/tracker/CVE-2013-0337
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-11731 low https://security-tracker.debian.org/tracker/CVE-2025-11731
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-66382 low https://security-tracker.debian.org/tracker/CVE-2025-66382
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2024-2236 none https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2024-26461 none https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2025-10966 none https://security-tracker.debian.org/tracker/CVE-2025-10966
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2024-26461 none https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2024-26461 none https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-8732 none https://security-tracker.debian.org/tracker/CVE-2025-8732
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2024-26458 none https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2018-6829 none https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2017-9937 none https://security-tracker.debian.org/tracker/CVE-2017-9937
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2011-3389 none https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2025-5278 none https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2009-4487 none https://security-tracker.debian.org/tracker/CVE-2009-4487
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2021-45346 none https://security-tracker.debian.org/tracker/CVE-2021-45346
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2018-5709 none https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2022-1210 none https://security-tracker.debian.org/tracker/CVE-2022-1210
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2015-3276 none https://security-tracker.debian.org/tracker/CVE-2015-3276
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2005-2541 none https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2018-5709 none https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2018-5709 none https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2018-5709 none https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2024-26458 none https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2017-16232 none https://security-tracker.debian.org/tracker/CVE-2017-16232
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2024-26458 none https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2025-10966 none https://security-tracker.debian.org/tracker/CVE-2025-10966
CVE-2025-8534 none https://security-tracker.debian.org/tracker/CVE-2025-8534
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2018-10126 none https://security-tracker.debian.org/tracker/CVE-2018-10126
CVE-2021-4214 none https://security-tracker.debian.org/tracker/CVE-2021-4214
CVE-2020-15719 none https://security-tracker.debian.org/tracker/CVE-2020-15719
CVE-2017-14159 none https://security-tracker.debian.org/tracker/CVE-2017-14159
CVE-2024-26461 none https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2017-17740 none https://security-tracker.debian.org/tracker/CVE-2017-17740
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2015-9019 none https://security-tracker.debian.org/tracker/CVE-2015-9019
CVE-2017-18018 none https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2025-8176 none https://security-tracker.debian.org/tracker/CVE-2025-8176
CVE-2025-8177 none https://security-tracker.debian.org/tracker/CVE-2025-8177
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2024-26458 none https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-9820 unknown https://security-tracker.debian.org/tracker/CVE-2025-9820

quay.io/rfcurated/nginx 1.29.4-slim-jammy-rfcurated-rfhardened -> 1.29.4-slim-jammy-rfcurated-rfhardened

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 1

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
Existing vulnerabilities
ID SEVERITY URL
CVE-2022-4899 low https://ubuntu.com/security/CVE-2022-4899

registry1.dso.mil/ironbank/opensource/nginx/nginx 1.29.4 -> 1.29.4

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 114

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
Existing vulnerabilities
ID SEVERITY URL
CVE-2024-1488 high https://access.redhat.com/security/cve/CVE-2024-1488
CVE-2024-56171 high https://access.redhat.com/security/cve/CVE-2024-56171
CVE-2024-12254 high https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2024-12254 high https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2024-12254 high https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2025-12084 medium https://access.redhat.com/security/cve/CVE-2025-12084
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2025-9086 medium https://access.redhat.com/security/cve/CVE-2025-9086
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2024-28834 medium https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2024-28835 medium https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2025-5278 medium https://access.redhat.com/security/cve/CVE-2025-5278
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2025-13601 medium https://access.redhat.com/security/cve/CVE-2025-13601
CVE-2025-13837 medium https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2025-13837 medium https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2024-28834 medium https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2025-67897 medium https://access.redhat.com/security/cve/CVE-2025-67897
CVE-2025-14087 medium https://access.redhat.com/security/cve/CVE-2025-14087
CVE-2025-9714 medium https://access.redhat.com/security/cve/CVE-2025-9714
CVE-2025-13836 medium https://access.redhat.com/security/cve/CVE-2025-13836
CVE-2025-4598 medium https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2024-28835 medium https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2024-6197 medium https://access.redhat.com/security/cve/CVE-2024-6197
CVE-2025-14512 medium https://access.redhat.com/security/cve/CVE-2025-14512
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2025-4516 medium https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2025-50181 medium https://access.redhat.com/security/cve/CVE-2025-50181
CVE-2025-13836 medium https://access.redhat.com/security/cve/CVE-2025-13836
CVE-2025-8291 medium https://access.redhat.com/security/cve/CVE-2025-8291
CVE-2024-12133 medium https://access.redhat.com/security/cve/CVE-2024-12133
CVE-2025-29087 medium https://access.redhat.com/security/cve/CVE-2025-29087
CVE-2025-14104 medium https://access.redhat.com/security/cve/CVE-2025-14104
CVE-2025-11411 medium https://access.redhat.com/security/cve/CVE-2025-11411
CVE-2025-10966 medium https://access.redhat.com/security/cve/CVE-2025-10966
CVE-2025-4516 medium https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2024-12243 medium https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2024-12243 medium https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2024-28834 medium https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2025-50182 medium https://access.redhat.com/security/cve/CVE-2025-50182
CVE-2025-6069 medium https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2025-12084 medium https://access.redhat.com/security/cve/CVE-2025-12084
CVE-2025-6069 medium https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2024-6197 medium https://access.redhat.com/security/cve/CVE-2024-6197
CVE-2025-7458 medium https://access.redhat.com/security/cve/CVE-2025-7458
CVE-2025-60753 medium https://access.redhat.com/security/cve/CVE-2025-60753
CVE-2025-13837 medium https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2024-12224 medium https://access.redhat.com/security/cve/CVE-2024-12224
CVE-2025-13836 medium https://access.redhat.com/security/cve/CVE-2025-13836
CVE-2025-10966 medium https://access.redhat.com/security/cve/CVE-2025-10966
CVE-2025-6069 medium https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2025-9086 medium https://access.redhat.com/security/cve/CVE-2025-9086
CVE-2025-8291 medium https://access.redhat.com/security/cve/CVE-2025-8291
CVE-2024-28835 medium https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2024-12243 medium https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2025-8291 medium https://access.redhat.com/security/cve/CVE-2025-8291
CVE-2025-4516 medium https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2025-12084 medium https://access.redhat.com/security/cve/CVE-2025-12084
CVE-2025-4598 medium https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2025-4598 medium https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2024-45490 medium https://access.redhat.com/security/cve/CVE-2024-45490
CVE-2024-7592 low https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2025-1795 low https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2025-3360 low https://access.redhat.com/security/cve/CVE-2025-3360
CVE-2025-6052 low https://access.redhat.com/security/cve/CVE-2025-6052
CVE-2025-1376 low https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2024-11053 low https://access.redhat.com/security/cve/CVE-2024-11053
CVE-2025-1371 low https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-1371 low https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-9232 low https://access.redhat.com/security/cve/CVE-2025-9232
CVE-2025-6075 low https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2025-66382 low https://access.redhat.com/security/cve/CVE-2025-66382
CVE-2025-1376 low https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2024-5535 low https://access.redhat.com/security/cve/CVE-2024-5535
CVE-2025-1376 low https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2025-1377 low https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-6075 low https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2024-7592 low https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2025-7039 low https://access.redhat.com/security/cve/CVE-2025-7039
CVE-2025-5918 low https://access.redhat.com/security/cve/CVE-2025-5918
CVE-2024-43168 low https://access.redhat.com/security/cve/CVE-2024-43168
CVE-2025-1371 low https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-5915 low https://access.redhat.com/security/cve/CVE-2025-5915
CVE-2023-53161 low https://access.redhat.com/security/cve/CVE-2023-53161
CVE-2024-34459 low https://access.redhat.com/security/cve/CVE-2024-34459
CVE-2025-6075 low https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2024-41996 low https://access.redhat.com/security/cve/CVE-2024-41996
CVE-2025-1377 low https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-1377 low https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-27113 low https://access.redhat.com/security/cve/CVE-2025-27113
CVE-2025-53859 low https://access.redhat.com/security/cve/CVE-2025-53859
CVE-2024-11053 low https://access.redhat.com/security/cve/CVE-2024-11053
CVE-2025-5916 low https://access.redhat.com/security/cve/CVE-2025-5916
CVE-2025-6170 low https://access.redhat.com/security/cve/CVE-2025-6170
CVE-2024-7592 low https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2025-1795 low https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2024-7264 low https://access.redhat.com/security/cve/CVE-2024-7264
CVE-2024-33655 low https://access.redhat.com/security/cve/CVE-2024-33655
CVE-2024-4603 low https://access.redhat.com/security/cve/CVE-2024-4603
CVE-2024-43167 low https://access.redhat.com/security/cve/CVE-2024-43167
CVE-2025-10148 low https://access.redhat.com/security/cve/CVE-2025-10148
CVE-2025-10148 low https://access.redhat.com/security/cve/CVE-2025-10148
CVE-2025-1371 low https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2024-7264 low https://access.redhat.com/security/cve/CVE-2024-7264
CVE-2025-5917 low https://access.redhat.com/security/cve/CVE-2025-5917
CVE-2024-13176 low https://access.redhat.com/security/cve/CVE-2024-13176
CVE-2024-58261 low https://access.redhat.com/security/cve/CVE-2024-58261
CVE-2024-4741 low https://access.redhat.com/security/cve/CVE-2024-4741
CVE-2025-1376 low https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2025-1632 low https://access.redhat.com/security/cve/CVE-2025-1632
CVE-2025-1795 low https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2025-1377 low https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2023-53160 low https://access.redhat.com/security/cve/CVE-2023-53160

@zachariahmiller
Copy link
Collaborator

@JeffResc Why is this needed?

@JeffResc
Copy link
Member Author

Sorry I meant to start a Slack thread for this, but haven't gotten around to it yet. Specifically, when virtualizing an amd64 cluster with Colima, zarf package pull attempts to pull the arm64 version of the package (matching the host) even though Colima virtualization supports running amd64 images. This override allows you to specify the architecture for this use case

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants