akanealw
eec8c28fb3
Some checks failed
Go Benchmark / Performance Regression Check (push) Has been cancelled
Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled
Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled
Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled
CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled
Docker Build, Publish & Test / build-and-push (push) Has been cancelled
Quality Checks / Auth Route Protection Contract (push) Has been cancelled
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled
Quality Checks / Backend (Go) (push) Has been cancelled
Quality Checks / Frontend (React) (push) Has been cancelled
Rate Limit integration / Rate Limiting Integration (push) Has been cancelled
Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled
Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled
WAF integration / Coraza WAF Integration (push) Has been cancelled
Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled
Repo Health Check / Repo health (push) Has been cancelled
History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled
Prune Renovate Branches / prune (push) Has been cancelled
Renovate / renovate (push) Has been cancelled
30 lines
813 B
Markdown
Executable File
30 lines
813 B
Markdown
Executable File
# Monitor Upstream Nebula CVE Remediation
|
|
|
|
**Created:** 2026-02-10
|
|
**Priority:** P2 (Monitor)
|
|
**Type:** Security - Accepted Risk
|
|
|
|
## Objective
|
|
Monitor upstream dependencies for nebula v1.10.3 compatibility fixes.
|
|
|
|
## Watch List
|
|
- [ ] hslatman/caddy-crowdsec-bouncer releases
|
|
- [ ] hslatman/ipstore releases
|
|
- [ ] smallstep/certificates releases
|
|
- [ ] GHSA-69x3-g4r3-p962 severity changes
|
|
|
|
## Quarterly Check Schedule
|
|
- Q1 2026: 2026-03-31
|
|
- Q2 2026: 2026-06-30
|
|
- Q3 2026: 2026-09-30
|
|
- Q4 2026: 2026-12-31
|
|
|
|
## Check Actions
|
|
1. Visit release pages (links in security exception doc)
|
|
2. Check for nebula version updates in go.mod files
|
|
3. If compatible version found, create remediation task
|
|
4. Update this document with check date and findings
|
|
|
|
## Check Log
|
|
- 2026-02-10: Initial assessment - no compatible versions
|