CVE-2022-29458 in Percona Toolkit 3.3.0-r0

We installed Percona Toolkil in a Linux Alpine container by installing it from the alpine/edge/testing repository. Our scanner now reports an issue on this container caused by the Percona Toolkit installation:

CVE              Severity     Package/Path Info       Status
-------          -----------  ----------------------  ---------------------------
CVE-2022-29458   high         ncurses                 fixed in 6.3_p20211120-r1
1 Like

Hello, may I ask you to report this to jira.percona.com so dev team can take a look?

thanks

1 Like

Hi @pteunissen
ncurses package is provided by package repos from operation system.
So it should be updated on OS level and there is nothing to be done on Percona Toolkit side

1 Like