From 5d6fe1c4036adbbe74ae6b8d6c5ca26cef2813bc Mon Sep 17 00:00:00 2001 From: Laurin Friebe Date: Fri, 20 Dec 2024 09:33:36 +0100 Subject: [PATCH 01/15] [#19] Update Makefiles to 9.5.0 --- CHANGELOG.md | 2 ++ Makefile | 2 +- build/make/build.mk | 2 +- build/make/k8s-dogu.tpl | 2 +- build/make/prerelease.mk | 6 +++++ build/make/prerelease.sh | 33 +++++++++++++++++++++++ build/make/release.sh | 1 + build/make/release_functions.sh | 44 ++++++++++++++++++++++++++++++ build/make/self-update.mk | 7 ++++- build/make/self-update.sh | 48 +++++++++++++++++++++++++++++++++ build/make/static-analysis.mk | 4 +-- 11 files changed, 145 insertions(+), 6 deletions(-) create mode 100644 build/make/prerelease.mk create mode 100644 build/make/prerelease.sh create mode 100755 build/make/self-update.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index 9232112..1e98b36 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Changed +- [#19] Update Makefiles to 9.5.0 ## [v6.2.14-4] - 2024-09-25 ### Fixed diff --git a/Makefile b/Makefile index 63d6a39..020583a 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ ARTIFACT_ID=redis -MAKEFILES_VERSION=9.2.1 +MAKEFILES_VERSION=9.5.0 WORKSPACE=/workspace ASSETS_BUILD_DIRECTORY=assets diff --git a/build/make/build.mk b/build/make/build.mk index 857c11d..d3581de 100644 --- a/build/make/build.mk +++ b/build/make/build.mk @@ -3,7 +3,7 @@ ADDITIONAL_LDFLAGS?=-extldflags -static LDFLAGS?=-ldflags "$(ADDITIONAL_LDFLAGS) -X main.Version=$(VERSION) -X main.CommitID=$(COMMIT_ID)" GOIMAGE?=golang -GOTAG?=1.22 +GOTAG?=1.23 GOOS?=linux GOARCH?=amd64 PRE_COMPILE?= diff --git a/build/make/k8s-dogu.tpl b/build/make/k8s-dogu.tpl index 296da65..91e2bb2 100644 --- a/build/make/k8s-dogu.tpl +++ b/build/make/k8s-dogu.tpl 
@@ -1,4 +1,4 @@ -apiVersion: k8s.cloudogu.com/v1 +apiVersion: k8s.cloudogu.com/v2 kind: Dogu metadata: name: NAME diff --git a/build/make/prerelease.mk b/build/make/prerelease.mk new file mode 100644 index 0000000..c2cc39c --- /dev/null +++ b/build/make/prerelease.mk @@ -0,0 +1,6 @@ +# used to create switch the dogu to a prerelease namespace +# e.g. official/usermgmt -> prerelease_official/usermgmt + +.PHONY: prerelease_namespace +prerelease_namespace: + build/make/stagex.sh prerelease_namespace \ No newline at end of file diff --git a/build/make/prerelease.sh b/build/make/prerelease.sh new file mode 100644 index 0000000..d976d95 --- /dev/null +++ b/build/make/prerelease.sh @@ -0,0 +1,33 @@ +#!/bin/bash +set -o errexit +set -o nounset +set -o pipefail + +prerelease_namespace() { + + # Update version in dogu.json + if [ -f "dogu.json" ]; then + echo "Updating name in dogu.json..." + ORIG_NAME="$(jq -r ".Name" ./dogu.json)" + PRERELEASE_NAME="prerelease_${ORIG_NAME}" + jq ".Name = \"${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json + jq ".Image = \"registry.cloudogu.com/${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json + fi + + # Update version in Dockerfile + if [ -f "Dockerfile" ]; then + echo "Updating version in Dockerfile..." + ORIG_NAME="$(grep -oP "^[ ]*NAME=\"([^\"]*)" Dockerfile | awk -F "\"" '{print $2}')" + PRERELEASE_NAME="prerelease_$( echo -e "$ORIG_NAME" | sed 's/\//\\\//g' )" + sed -i "s/\(^[ ]*NAME=\"\)\([^\"]*\)\(.*$\)/\1${PRERELEASE_NAME}\3/" Dockerfile + fi + +} + + +TYPE="${1}" + +echo ${TYPE} +if [[ "${TYPE}" == "prerelease_namespace" ]];then + prerelease_namespace +fi \ No newline at end of file diff --git a/build/make/release.sh b/build/make/release.sh index ae9a722..6d6388e 100755 --- a/build/make/release.sh +++ b/build/make/release.sh 
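Review bot: In prerelease_namespace() the `jq ".Name = \"${PRERELEASE_NAME}\""` and `.Image` calls splice shell variables straight into the jq program, so a Name containing a quote or backslash breaks the filter instead of being written as data. Pass the values with `--arg` and do both assignments in one invocation: `jq --arg name "${PRERELEASE_NAME}" --arg image "registry.cloudogu.com/${PRERELEASE_NAME}" '.Name = $name | .Image = $image' dogu.json >dogu2.json && mv dogu2.json dogu.json`. The trailing `echo ${TYPE}` at the bottom is unquoted and serves no purpose; drop it or write `echo "${TYPE}"`. Because of `set -o errexit`, a failing jq leaves the `dogu2.json` scratch file behind; a `mktemp` name removed by a `trap ... EXIT` would avoid that.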
@@ -56,6 +56,7 @@ fi update_versions "${NEW_RELEASE_VERSION}" update_changelog "${NEW_RELEASE_VERSION}" "${FIXED_CVE_LIST}" +update_releasenotes "${NEW_RELEASE_VERSION}" show_diff if [[ -n "${DRY_RUN}" ]]; then diff --git a/build/make/release_functions.sh b/build/make/release_functions.sh index 499c248..f3e1636 100755 --- a/build/make/release_functions.sh +++ b/build/make/release_functions.sh 
@@ -207,6 +207,50 @@ update_changelog() { git commit -m "Update changelog" } +update_releasenotes() { + local NEW_RELEASE_VERSION="${1}" + + # ReleaseNotes update + local CURRENT_DATE + CURRENT_DATE=$(date --rfc-3339=date) + local NEW_RELEASENOTE_TITLE="## [v${NEW_RELEASE_VERSION}] - ${CURRENT_DATE}" + rm -rf ".rn_changed" + find . -name "*release_notes*.md" -print0 | while read -d $'\0' file + do + # Check if "Unreleased" tag exists + while ! grep --silent "## \[Unreleased\]" "${file}"; do + echo "" + echo -e "\e[31mYour ${file} does not contain a \"## [Unreleased]\" line!\e[0m" + echo "Please add one to make it comply to https://keepachangelog.com/en/1.0.0/" + wait_for_ok "Please insert a \"## [Unreleased]\" line into ${file} now." + done + + # Add new title line to changelog + sed -i "s|## \[Unreleased\]|## \[Unreleased\]\n\n${NEW_RELEASENOTE_TITLE}|g" "${file}" + echo "Processed ${file}" + echo true > ".rn_changed" + done + + if test -f ".rn_changed" ; then + # Wait for user to validate changelog changes + wait_for_ok "Please make sure your release notes looks as desired." + + find . -name "*release_notes*.md" -print0 | while read -d $'\0' file + do + # Check if new version tag still exists + while ! grep --silent "$(echo $NEW_RELEASENOTE_TITLE | sed -e 's/[]\/$*.^[]/\\&/g')" "${file}"; do + echo "" + echo -e "\e[31mYour ${file} does not contain \"${NEW_RELEASENOTE_TITLE}\"!\e[0m" + wait_for_ok "Please update your ${file} now." + done + git add "${file}" + done + + git commit -m "Update ReleaseNotes" + fi + rm -rf ".rn_changed" +} + # addFixedCVEListFromReRelease is used in dogu cve releases. The method adds the fixed CVEs under the ### Fixed header # in the unreleased section. addFixedCVEListFromReRelease() { diff --git a/build/make/self-update.mk b/build/make/self-update.mk index 175f8a6..33a6a72 100644 --- a/build/make/self-update.mk +++ b/build/make/self-update.mk 
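Review bot: In update_releasenotes() the first `find ... -print0 | while read` loop runs in a pipeline subshell, which is the only reason the `.rn_changed` flag file exists — a variable set inside the loop would be lost. Feeding the loop through process substitution, `done < <(find . -name "*release_notes*.md" -print0)`, lets a plain `local changed=false` / `changed=true` replace the flag file and both `rm -rf ".rn_changed"` lines. The second loop's `grep --silent "$(echo $NEW_RELEASENOTE_TITLE | sed ...)"` leaves `$NEW_RELEASENOTE_TITLE` unquoted; `grep -qF -- "${NEW_RELEASENOTE_TITLE}" "${file}"` does the same literal match without the escaping pipeline. `wait_for_ok` is defined outside this hunk.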
@@ -19,4 +19,9 @@ remove-old-files: .PHONY: copy-new-files copy-new-files: - @cp -r $(TMP_DIR)/makefiles-$(MAKEFILES_VERSION)/build/make $(BUILD_DIR) \ No newline at end of file + @cp -r $(TMP_DIR)/makefiles-$(MAKEFILES_VERSION)/build/make $(BUILD_DIR) + +.PHONY: update-build-libs +update-build-libs: + @echo "Check for newer Build-Lib versions" + build/make/self-update.sh buildlibs \ No newline at end of file diff --git a/build/make/self-update.sh b/build/make/self-update.sh new file mode 100755 index 0000000..72df125 --- /dev/null +++ b/build/make/self-update.sh @@ -0,0 +1,48 @@ +#!/bin/bash +set -o errexit +set -o nounset +set -o pipefail + +TYPE="${1}" + +update_build_libs() { + echo "Get newest version of ces-build-lib and dogu-build-lib" + update_jenkinsfile + echo "Newest Versions set. Please check your Jenkinsfile" +} + +get_highest_version() { + local target="${1}" + local gitCesBuildLib + # getting tags from ces-build.libs OR dogu-build-libs + gitCesBuildLib="$(git ls-remote --tags --refs https://github.com/cloudogu/${target}-build-lib)" + local highest + # Flagfile for getting results out of while-loop + rm -rf .versions + while IFS= read -r line; do + local version + version="$(awk -F'/tags/' '{ for(i=1;i<=NF;i++) print $i }' <<< $line | tail -n 1 | sed 's/[^0-9\.]*//g')" + if [[ $version == *"."* ]] ; then + echo $version >> ".versions" + fi + done <<< "$gitCesBuildLib" + highest=$(sort .versions | tail -n 1) + rm -rf .versions + echo "${highest}" +} + +# Patch Jenkinsfile +update_jenkinsfile() { + sed -i "s/ces-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/ces-build-lib@$(get_highest_version ces)/g" Jenkinsfile + sed -i "s/dugu-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/dogu-build-lib@$(get_highest_version dogu)/g" Jenkinsfile +} + +# switch for script entrypoint +if [[ "${TYPE}" == "buildlibs" ]];then + update_build_libs +else + echo "Unknown target ${TYPE}" +fi + + + 
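Review bot: get_highest_version() picks the "highest" tag with a plain `sort .versions | tail -n 1`, which sorts lexically, so once a library has a `1.10.0` tag it sorts below `1.9.0` and the script would downgrade the Jenkinsfile; use `sort -V`. The function also writes tag data to a predictable `.versions` file in the current directory and deletes it with `rm -rf`; collecting the versions in a bash array (`versions+=("$version")`, then `printf '%s\n' "${versions[@]}" | sort -V | tail -n 1`) avoids the temp file entirely. Note that this target rewrites the `@Library(...)` pins to whatever tag is newest on GitHub at run time, so the resulting Jenkinsfile diff is a supply-chain change that must be reviewed before it is committed — the closing "Please check your Jenkinsfile" hints at this, but a comment above update_jenkinsfile() such as `# Pins are taken from the remote's newest tag without verification — review the diff before committing` would make it explicit.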
diff --git a/build/make/static-analysis.mk b/build/make/static-analysis.mk index 0ed0de3..00c406f 100644 --- a/build/make/static-analysis.mk +++ b/build/make/static-analysis.mk @@ -2,12 +2,12 @@ STATIC_ANALYSIS_DIR=$(TARGET_DIR)/static-analysis GOIMAGE?=golang -GOTAG?=1.22 +GOTAG?=1.23 CUSTOM_GO_MOUNT?=-v /tmp:/tmp REVIEW_DOG=$(TMP_DIR)/bin/reviewdog LINT=$(TMP_DIR)/bin/golangci-lint -LINT_VERSION?=v1.58.2 +LINT_VERSION?=v1.61.0 # ignore tests and mocks LINTFLAGS=--tests=false --exclude-files="^.*_mock.go$$" --exclude-files="^.*/mock.*.go$$" --timeout 10m --issues-exit-code 0 ADDITIONAL_LINTER=-E bodyclose -E containedctx -E contextcheck -E decorder -E dupl -E errname -E forcetypeassert -E funlen -E unparam From 2a2777c3010d5020c8d766c7649668cf32b6e7e6 Mon Sep 17 00:00:00 2001 From: Dennis Schwarzer Date: Mon, 13 Jan 2025 13:44:32 +0100 Subject: [PATCH 02/15] - [#21] - Update redis to 6.2.17 - Update Base to 3.15.11-4 - Update ces-build-lib to 4.0.1 - Update dogu-build-lib to v3.0.0 --- CHANGELOG.md | 4 ++++ Dockerfile | 30 ++++++++++++++++-------------- Jenkinsfile | 19 ++++++++++++++++--- resources/pre-upgrade.sh | 4 ++++ 4 files changed, 40 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e98b36..648e834 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] ### Changed +- [#21] Update redis to 6.2.17 +- [#21] Update Base to 3.15.11-4 +- [#21] Update ces-build-lib to 4.0.1 +- [#21] Update dogu-build-lib to v3.0.0 - [#19] Update Makefiles to 9.5.0 ## [v6.2.14-4] - 2024-09-25 diff --git a/Dockerfile b/Dockerfile index 9eab0e9..f5038fd 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -1,31 +1,33 @@ -FROM registry.cloudogu.com/official/base:3.15.11-2 +# Stage 1: Base image to copy the doguctl binary +FROM registry.cloudogu.com/official/base:3.15.11-4 AS doguctlBinary +# Stage 2: Use the official Redis Docker image as the main image +FROM redis:6.2.17 LABEL NAME="official/redis" \ VERSION="6.2.14-4" \ maintainer="info@cloudogu.com" -# set environment variables +USER root +RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Copy the `doguctl` binary from the base image +COPY --from=doguctlBinary /usr/bin/doguctl /usr/bin/ + +# Set environment variables ENV SERVICE_TAGS=webapp \ CONF_DIR=/usr/local/etc/redis \ USER=redis \ USER_ID=1000 \ - REDIS_VERSION="6.2.14-r0" \ STARTUP_DIR=/ -RUN set -o errexit \ - && set -o nounset \ - && set -o pipefail \ - && apk update \ - && apk upgrade \ - && apk add redis="${REDIS_VERSION}" bash - -# copy resources files +# Copy additional resource files (if any) COPY resources/ / -# expose application port +# Expose Redis port EXPOSE 6379 +# Healthcheck using `doguctl` HEALTHCHECK CMD doguctl healthy redis || exit 1 -# start -CMD ["/startup.sh"] +# Start Redis +CMD ["/startup.sh"] \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile index c7011fa..cd924d0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,5 +1,5 @@ #!groovy -@Library(['github.com/cloudogu/ces-build-lib@1.48.0', 'github.com/cloudogu/dogu-build-lib@v1.5.1']) +@Library(['github.com/cloudogu/ces-build-lib@4.0.1', 'github.com/cloudogu/dogu-build-lib@v3.0.0']) import com.cloudogu.ces.cesbuildlib.* import com.cloudogu.ces.dogubuildlib.* 
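Review bot: The new base is the upstream `redis:6.2.17` image, but the `ENV ... USER=redis USER_ID=1000` block is carried over unchanged from the Alpine base; the official redis image creates its `redis` user with uid 999, so if /startup.sh (outside this diff) uses USER_ID to chown the data directory or to drop privileges, it now refers to a uid that does not exist in the image — confirm against startup.sh and either remove USER_ID or set it to the image's value. The stage also switches to `USER root` and never switches back, so the container starts as root and privilege dropping rests entirely on /startup.sh; a comment such as `# runs as root; /startup.sh must drop to ${USER} before starting redis-server` would make that contract explicit. `apt-get -y dist-upgrade` at build time makes the image content depend on the build date, which is presumably intended for CVE pickup but deserves a one-line comment saying so.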
@@ -20,8 +20,12 @@ node('vagrant') { disableConcurrentBuilds(), // Parameter to activate dogu upgrade test on demand parameters([ - booleanParam(defaultValue: false, description: 'Test dogu upgrade from latest release or optionally from defined version below', name: 'TestDoguUpgrade'), - string(defaultValue: '', description: 'Old Dogu version for the upgrade test (optional; e.g. 3.23.0-1)', name: 'OldDoguVersionForUpgradeTest'), + booleanParam(defaultValue: false, description: 'Test dogu upgrade from latest release or optionally from defined version below', name: 'TestDoguUpgrade'), + string(defaultValue: '', description: 'Old Dogu version for the upgrade test (optional; e.g. 2.222.1-1)', name: 'OldDoguVersionForUpgradeTest'), + booleanParam(defaultValue: false, description: 'Enables the video recording during the test execution', name: 'EnableVideoRecording'), + booleanParam(defaultValue: false, description: 'Enables the screenshot recording during the test execution', name: 'EnableScreenshotRecording'), + choice(name: 'TrivySeverityLevels', choices: [TrivySeverityLevel.CRITICAL, TrivySeverityLevel.HIGH_AND_ABOVE, TrivySeverityLevel.MEDIUM_AND_ABOVE, TrivySeverityLevel.ALL], description: 'The levels to scan with trivy'), + choice(name: 'TrivyStrategy', choices: [TrivyScanStrategy.UNSTABLE, TrivyScanStrategy.FAIL, TrivyScanStrategy.IGNORE], description: 'Define whether the build should be unstable, fail or whether the error should be ignored if any vulnerability was found.'), ]) ]) @@ -55,6 +59,15 @@ node('vagrant') { ecoSystem.build("/dogu") } + stage('Trivy scan') { + ecoSystem.copyDoguImageToJenkinsWorker("/dogu") + Trivy trivy = new Trivy(this) + trivy.scanDogu(".", params.TrivySeverityLevels, params.TrivyStrategy) + trivy.saveFormattedTrivyReport(TrivyScanFormat.TABLE) + trivy.saveFormattedTrivyReport(TrivyScanFormat.JSON) + trivy.saveFormattedTrivyReport(TrivyScanFormat.HTML) + } + stage('Verify') { ecoSystem.verify("/dogu") } 
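Review bot: Jenkins `choice` parameters default to their first entry, so the Trivy stage runs with `TrivySeverityLevel.CRITICAL` and `TrivyScanStrategy.UNSTABLE` unless someone changes the parameters by hand; a release build with HIGH findings, or any CRITICAL finding, is only marked unstable and the later push/release stages (outside this hunk) still run unless something there checks `currentBuild.result`. Consider forcing the strict strategy on release branches regardless of the parameter, e.g. `trivy.scanDogu(".", params.TrivySeverityLevels, gitflow.isReleaseBranch() ? TrivyScanStrategy.FAIL : params.TrivyStrategy)` (using whichever release predicate the release stage already relies on), or list `HIGH_AND_ABOVE` and `FAIL` first in the choice arrays so the defaults are the safe ones.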
diff --git a/resources/pre-upgrade.sh b/resources/pre-upgrade.sh index e9c14e4..da74115 100755 --- a/resources/pre-upgrade.sh +++ b/resources/pre-upgrade.sh @@ -18,5 +18,9 @@ function run_preupgrade() { # make the script only run when executed, not when sourced from bats tests if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then +until redis-cli ping; do + echo "Waiting for Redis to start..." + sleep 3 +done run_preupgrade "$@" fi \ No newline at end of file From 506ef87e2a67cefd96fe531db11821e41633809e Mon Sep 17 00:00:00 2001 From: Dennis Schwarzer Date: Mon, 13 Jan 2025 13:46:37 +0100 Subject: [PATCH 03/15] Revert using distro upgrade in Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f5038fd..082a867 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ LABEL NAME="official/redis" \ maintainer="info@cloudogu.com" USER root -RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +#RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Copy the `doguctl` binary from the base image COPY --from=doguctlBinary /usr/bin/doguctl /usr/bin/ From 2e81bdbbc5e9f2f5eda734b856c262a16b1750e7 Mon Sep 17 00:00:00 2001 From: Dennis Schwarzer Date: Mon, 13 Jan 2025 14:11:57 +0100 Subject: [PATCH 04/15] adjusted goss to new image, jenkinsfile to ignore apt update --- Dockerfile | 2 +- Jenkinsfile | 1 - spec/goss/goss.yaml | 3 --- 3 files changed, 1 insertion(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 082a867..f5038fd 100644 --- a/Dockerfile +++ b/Dockerfile 
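Review bot: The new `until redis-cli ping; do ... sleep 3; done` loop in pre-upgrade.sh has no upper bound, so if Redis never comes up — or, if the default user requires authentication, `ping` keeps returning a NOAUTH error (check how redis-cli's exit status reports that) — the upgrade hangs forever instead of failing. Bound it, e.g. `timeout 120 bash -c 'until redis-cli ping >/dev/null 2>&1; do echo "Waiting for Redis to start..."; sleep 3; done' || { echo "Redis did not become ready" >&2; exit 1; }`. The body of run_preupgrade and the script's `set` options are outside this hunk, so the exit handling should be aligned with them.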
@@ -8,7 +8,7 @@ LABEL NAME="official/redis" \ maintainer="info@cloudogu.com" USER root -#RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Copy the `doguctl` binary from the base image COPY --from=doguctlBinary /usr/bin/doguctl /usr/bin/ diff --git a/Jenkinsfile b/Jenkinsfile index cd924d0..aa58e79 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -36,7 +36,6 @@ node('vagrant') { } stage('Lint') { - lintDockerfile() shellCheck("./resources/startup.sh") shellCheck("./resources/util.sh") } diff --git a/spec/goss/goss.yaml b/spec/goss/goss.yaml index 8465386..d55fa86 100644 --- a/spec/goss/goss.yaml +++ b/spec/goss/goss.yaml @@ -17,9 +17,6 @@ file: /usr/local/etc/redis/data/service-accounts.acl: exists: true filetype: file -package: - redis: - installed: true port: tcp:6379: listening: true From e01679fb9f4baee70b3eb1e72140d6f34846e583 Mon Sep 17 00:00:00 2001 From: Dennis Schwarzer Date: Mon, 13 Jan 2025 16:24:04 +0100 Subject: [PATCH 05/15] fixed CVEs in gosu lib --- Dockerfile | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index f5038fd..d4123a7 100644 --- a/Dockerfile +++ b/Dockerfile 
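Review bot: Removing `lintDockerfile()` from the Lint stage drops Dockerfile linting for this repository entirely, while the commit title only says the lint should ignore the apt update. If the failing finding was about the `apt-get` line, keep the call and suppress the specific rule at its location in the Dockerfile (hadolint honours `# hadolint ignore=<rule>` on the line before the RUN — assuming that is the linter behind `lintDockerfile()`, confirm), so the rest of the Dockerfile stays covered. At minimum, a CHANGELOG entry should record that the Dockerfile lint step was removed.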
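Review bot: With the `package: redis: installed: true` check gone, goss.yaml no longer asserts anything about the redis binary itself, only that the port listens and the config files exist. Since redis now comes from the upstream image rather than a distro package, replace the check with a command assertion — a `command:` entry running `redis-server --version` with `exit-status: 0` and `stdout` containing `v=6.2.17` — so a base-image bump that silently changes the server version is caught by the spec.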
@@ -1,17 +1,34 @@
 # Stage 1: Base image to copy the doguctl binary
-FROM registry.cloudogu.com/official/base:3.15.11-4 AS doguctlBinary
+FROM registry.cloudogu.com/official/base:3.15.11-4 AS doguctlbinary
 
-# Stage 2: Use the official Redis Docker image as the main image
+# Stage 2: Build gosu from source because of CVEs
+# stdlib │ CVE-2023-24538 │ CRITICAL │ fixed │ v1.18.2 │ 1.19.8, 1.20.3 │ golang: html/template: backticks not treated as string │
+# | CVE-2023-24540 │ │ │ │ 1.19.9, 1.20.4 │ Not all valid JavaScript whitespace characters are │
+# │ CVE-2024-24790 │ │ │ │ 1.21.11, 1.22.4 │ golang: net/netip: Unexpected behavior from Is methods for │
+FROM golang:1.21.12 AS gosu-builder
+
+WORKDIR /gosu-src
+
+# Clone the `gosu` source code and build it
+RUN apt-get update && apt-get install -y git \
+ && git clone https://github.com/tianon/gosu.git . \
+ && git checkout 1.17 \
+ && go build -o /usr/local/bin/gosu . \
+ && chmod +x /usr/local/bin/gosu
+
+# Stage 3: Final Redis image
 FROM redis:6.2.17
 LABEL NAME="official/redis" \
       VERSION="6.2.14-4" \
       maintainer="info@cloudogu.com"
 
 USER root
-RUN apt-get -y update && apt-get -y dist-upgrade && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Copy the `gosu` binary built with the latest Go version
+COPY --from=gosu-builder /usr/local/bin/gosu /usr/local/bin/gosu
 
 # Copy the `doguctl` binary from the base image
-COPY --from=doguctlBinary /usr/bin/doguctl /usr/bin/
+COPY --from=doguctlbinary /usr/bin/doguctl /usr/bin/
 
 # Set environment variables
 ENV SERVICE_TAGS=webapp \
@@ -30,4 +47,4 @@ EXPOSE 6379
 HEALTHCHECK CMD doguctl healthy redis || exit 1
 
 # Start Redis
-CMD ["/startup.sh"]
\ No newline at end of file
+CMD ["/startup.sh"]
From 96a8f528580bf9a9732f2bf62695bb08aacd8587 Mon Sep 17 00:00:00 2001
From: Dennis Schwarzer
Date: Mon, 13 Jan 2025 16:34:19 +0100
Subject: [PATCH 06/15] added trivyignore for false positive CVE
---
 .trivyignore | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 .trivyignore
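Review bot: The gosu builder stage does `git clone https://github.com/tianon/gosu.git . && git checkout 1.17`, so the binary that lands in the final image is whatever the mutable tag `1.17` points to at build time; pin the 40-character commit hash the tag currently resolves to (`git rev-parse 1.17^{commit}`) and check out that, or run `git verify-tag 1.17` before the checkout, and record the expected hash in a comment so a retagged upstream cannot change the build silently. The build also uses plain `go build`, which on the Debian-based golang image yields a cgo-linked binary unlike upstream gosu's static build; `CGO_ENABLED=0 go build -ldflags '-s -w' -o /usr/local/bin/gosu .` matches upstream and makes the `chmod +x` redundant. The comment "built with the latest Go version" is misleading for a pinned `golang:1.21.12` (a release line already superseded by the 1.23 used in build.mk); say `# built with Go 1.21.12, which carries the stdlib fixes listed above` instead.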
diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 0000000..e59906d
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,9 @@
+# This zlib1g CVE is falsely detected. It is not present in the Debian 12
+# package and thus ignored as "not affected". The trivy project however
+# interprets this as ignored as "wont fix" and causes a detection.
+# See: https://github.com/madler/zlib/pull/843#issuecomment-2130408505
+CVE-2023-45853
+
+# This CVE is contained in the upstream debian:12-slim base image.
+# In this Dogu, all args to wget are static and not modifiable by the user.
+CVE-2024-38428
\ No newline at end of file
From 71275cdbda5fa3b9ad54029980128d90034ebc91 Mon Sep 17 00:00:00 2001
From: Dennis Schwarzer
Date: Mon, 13 Jan 2025 16:39:09 +0100
Subject: [PATCH 07/15] [#21] updated Changelog: - [#21] Update redis to 6.2.17 - [#21] Update golang to 1.21.12 to fix CVE-2023-24538, CVE-2023-24540, CVE-2024-24790 - [#21] Update Base to 3.15.11-4 - [#21] Update ces-build-lib to 4.0.1 - [#21] Update dogu-build-lib to v3.0.0
---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 648e834..f90ca1a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,8 +5,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-### Changed
+### Changed
 - [#21] Update redis to 6.2.17
+- [#21] Update golang to 1.21.12 to fix CVE-2023-24538, CVE-2023-24540, CVE-2024-24790
 - [#21] Update Base to 3.15.11-4
 - [#21] Update ces-build-lib to 4.0.1
 - [#21] Update dogu-build-lib to v3.0.0
From 59266bd29dcdef1cef745c258ec02a2081eac0bf Mon Sep 17 00:00:00 2001
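Review bot: Both entries in .trivyignore are permanent, although Trivy supports an expiry suffix (`CVE-2024-38428 exp:2025-07-01`); using it forces the wget justification to be re-examined once the base image ships a fix instead of hiding the CVE for good. The wget rationale ("all args to wget are static") should also name where wget is actually invoked in this dogu — nothing in the Dockerfile in this series calls it — so a later reviewer can verify the claim or remove the entry if wget is unused. The zlib1g entry is a reasonable false-positive note, but a date or Trivy version at which to re-check would help there too.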
From: Dennis Schwarzer Date: Wed, 22 Jan 2025 11:32:40 +0100 Subject: [PATCH 08/15] [#21] added Release Notes en/de --- docs/gui/release_notes_de.md | 17 +++++++++++++++++ docs/gui/release_notes_en.md | 18 ++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/docs/gui/release_notes_de.md b/docs/gui/release_notes_de.md index be05f50..44ee3c5 100644 --- a/docs/gui/release_notes_de.md +++ b/docs/gui/release_notes_de.md @@ -4,6 +4,23 @@ Im Folgenden finden Sie die Release Notes für das Sonatype Nexus-Dogu. Technische Details zu einem Release finden Sie im zugehörigen Changelog. + +## Release 6.2.17-1 + +### Redis 6.2.17 (6. Januar 2025) +- **Sicherheitsfixes** + - **CVE-2024-46981**: Behebte ein Problem, bei dem Lua-Skriptbefehle zu einer Remote-Code-Ausführung führen konnten. + +### Redis 6.2.16 (2. Oktober 2024) +- **Sicherheitsfixes** + - **CVE-2024-31449**: Behebte ein Problem, bei dem Lua-Bibliotheksbefehle zu einem Stack-Overflow führen und möglicherweise eine Remote-Code-Ausführung ermöglichen konnten. + - **CVE-2024-31227**: Behebte eine potenzielle Denial-of-Service-Schwachstelle durch fehlerhafte ACL-Selektoren. + - **CVE-2024-31228**: Behebte eine potenzielle Denial-of-Service-Schwachstelle, die durch ungebundenes Pattern-Matching verursacht wurde. + +### Redis 6.2.15 (18. Oktober 2023) +- **Sicherheitsfixes** + - **CVE-2023-45145**: Behebte eine Race-Condition während des Startvorgangs, die durch die falsche Reihenfolge der Systemaufrufe `listen(2)` und `chmod(2)` verursacht wurde. Diese Schwachstelle hätte einem anderen Prozess ermöglicht, die vorgesehenen Unix-Socket-Berechtigungen zu umgehen. + ## Release 6.2.14-3 - Die Cloudogu-eigenen Quellen werden von der MIT-Lizenz auf die AGPL-3.0-only relizensiert. diff --git a/docs/gui/release_notes_en.md b/docs/gui/release_notes_en.md index ad0dbc0..8b64ac4 100644 --- a/docs/gui/release_notes_en.md +++ b/docs/gui/release_notes_en.md 
@@ -4,6 +4,24 @@ Below you will find the release notes for the Sonatype Nexus Dogu. Technical details on a release can be found in the corresponding Changelog. + +## Release 6.2.17-1 + +### Redis 6.2.17 (January 6, 2025) +- **Security Fixes** + - **CVE-2024-46981**: Fixed an issue where Lua script commands could lead to remote code execution. + + +### Redis 6.2.16 (October 2, 2024) +- **Security Fixes** + - **CVE-2024-31449**: Resolved an issue where Lua library commands could lead to a stack overflow, potentially resulting in remote code execution. + - **CVE-2024-31227**: Fixed a potential denial-of-service vulnerability due to malformed ACL selectors. + - **CVE-2024-31228**: Addressed a potential denial-of-service vulnerability caused by unbounded pattern matching. + +### Redis 6.2.15 (October 18, 2023) +- **Security Fixes** + - **CVE-2023-45145**: Addressed a race condition during startup caused by the incorrect order of `listen(2)` and `chmod(2)` system calls. This vulnerability could allow another process to bypass the intended Unix socket permissions. + ## Release 6.2.14-3 - Relicense own code to AGPL-3.0-only \ No newline at end of file From 637fe9fada8ac9cb1ffca7bf92b2ae13e9985e80 Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 07:57:45 +0100 Subject: [PATCH 09/15] [#23] Update Makefiles --- Makefile | 3 ++- build/make/k8s.mk | 6 +++--- build/make/prerelease.mk | 2 +- build/make/prerelease.sh | 12 ++++++++++-- build/make/release.mk | 2 +- build/make/self-update.sh | 2 +- build/make/test-common.mk | 4 ++-- build/make/test-unit.mk | 11 +++++++---- 8 files changed, 27 insertions(+), 15 deletions(-) mode change 100644 => 100755 build/make/prerelease.sh diff --git a/Makefile b/Makefile index 020583a..e6d6036 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ ARTIFACT_ID=redis -MAKEFILES_VERSION=9.5.0 +MAKEFILES_VERSION=9.5.3 WORKSPACE=/workspace ASSETS_BUILD_DIRECTORY=assets 
@@ -21,6 +21,7 @@ BATS_TAG?=1.2.1 include build/make/variables.mk include build/make/self-update.mk include build/make/release.mk +include build/make/prerelease.mk include build/make/k8s-dogu.mk .PHONY unit-test-shell: diff --git a/build/make/k8s.mk b/build/make/k8s.mk index 2b79315..d55141c 100644 --- a/build/make/k8s.mk +++ b/build/make/k8s.mk @@ -36,11 +36,11 @@ K3S_LOCAL_REGISTRY_PORT?=30099 # The URL of the container-registry to use. Defaults to the registry of the local-cluster. # If RUNTIME_ENV is "remote" it is "registry.cloudogu.com/testing" -CES_REGISTRY_HOST?="${K3S_CLUSTER_FQDN}:${K3S_LOCAL_REGISTRY_PORT}" +CES_REGISTRY_HOST?=${K3S_CLUSTER_FQDN}:${K3S_LOCAL_REGISTRY_PORT} CES_REGISTRY_NAMESPACE ?= ifeq (${RUNTIME_ENV}, remote) - CES_REGISTRY_HOST="registry.cloudogu.com" - CES_REGISTRY_NAMESPACE="/testing" + CES_REGISTRY_HOST=registry.cloudogu.com + CES_REGISTRY_NAMESPACE=/testing endif $(info CES_REGISTRY_HOST=$(CES_REGISTRY_HOST)) diff --git a/build/make/prerelease.mk b/build/make/prerelease.mk index c2cc39c..5ffc3bb 100644 --- a/build/make/prerelease.mk +++ b/build/make/prerelease.mk @@ -3,4 +3,4 @@ .PHONY: prerelease_namespace prerelease_namespace: - build/make/stagex.sh prerelease_namespace \ No newline at end of file + build/make/prerelease.sh prerelease_namespace \ No newline at end of file diff --git a/build/make/prerelease.sh b/build/make/prerelease.sh old mode 100644 new mode 100755 index d976d95..d968176 --- a/build/make/prerelease.sh +++ b/build/make/prerelease.sh 
@@ -5,21 +5,29 @@ set -o pipefail prerelease_namespace() { + TIMESTAMP=$(date +"%Y%m%d%H%M%S") + # Update version in dogu.json if [ -f "dogu.json" ]; then echo "Updating name in dogu.json..." ORIG_NAME="$(jq -r ".Name" ./dogu.json)" + ORIG_VERSION="$(jq -r ".Version" ./dogu.json)" PRERELEASE_NAME="prerelease_${ORIG_NAME}" + PRERELEASE_VERSION="${ORIG_VERSION}${TIMESTAMP}" jq ".Name = \"${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json + jq ".Version = \"${PRERELEASE_VERSION}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json jq ".Image = \"registry.cloudogu.com/${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json fi # Update version in Dockerfile if [ -f "Dockerfile" ]; then echo "Updating version in Dockerfile..." - ORIG_NAME="$(grep -oP "^[ ]*NAME=\"([^\"]*)" Dockerfile | awk -F "\"" '{print $2}')" + ORIG_NAME="$(grep -oP ".*[ ]*NAME=\"([^\"]*)" Dockerfile | awk -F "\"" '{print $2}')" + ORIG_VERSION="$(grep -oP ".*[ ]*VERSION=\"([^\"]*)" Dockerfile | awk -F "\"" '{print $2}')" PRERELEASE_NAME="prerelease_$( echo -e "$ORIG_NAME" | sed 's/\//\\\//g' )" - sed -i "s/\(^[ ]*NAME=\"\)\([^\"]*\)\(.*$\)/\1${PRERELEASE_NAME}\3/" Dockerfile + PRERELEASE_VERSION="${ORIG_VERSION}${TIMESTAMP}" + sed -i "s/\(.*[ ]*NAME=\"\)\([^\"]*\)\(.*$\)/\1${PRERELEASE_NAME}\3/" Dockerfile + sed -i "s/\(.*[ ]*VERSION=\"\)\([^\"]*\)\(.*$\)/\1${PRERELEASE_VERSION}\3/" Dockerfile fi } diff --git a/build/make/release.mk b/build/make/release.mk index 328f7ba..e9ef7be 100644 --- a/build/make/release.mk +++ b/build/make/release.mk @@ -4,7 +4,7 @@ .PHONY: dogu-release dogu-release: ## Start a dogu release - build/make/release.sh dogu + build/make/release.sh dogu "${FIXED_CVE_LIST}" $(DRY_RUN) .PHONY: node-release node-release: ## Start a node package release diff --git a/build/make/self-update.sh b/build/make/self-update.sh index 72df125..fe8e027 100755 --- a/build/make/self-update.sh +++ b/build/make/self-update.sh 
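Review bot: Changing the Dockerfile patterns from `^[ ]*VERSION=\"` to `.*[ ]*VERSION=\"` makes them match anywhere in a line, so any `*_VERSION="..."` ENV such as the `REDIS_VERSION="6.2.14-r0"` this repository carried until patch 02, or a `DISPLAY_NAME="..."` label, is captured too; ORIG_VERSION then holds several lines and both `sed -i` calls rewrite every matching line. Anchoring on a word boundary instead of `.*` keeps the `LABEL NAME=` same-line case working while excluding `X_VERSION`/`X_NAME`, and `head -n1` guarantees a single value. The function's dogu.json branch above is unaffected and is left out below.
```shell
  # … unchanged: dogu.json handling …
  if [ -f "Dockerfile" ]; then
    echo "Updating version in Dockerfile..."
    # \b stops REDIS_VERSION= / DISPLAY_NAME= from matching; head -n1 keeps one value
    ORIG_NAME="$(grep -oP '\bNAME="\K[^"]*' Dockerfile | head -n1)"
    ORIG_VERSION="$(grep -oP '\bVERSION="\K[^"]*' Dockerfile | head -n1)"
    PRERELEASE_NAME="prerelease_$( echo -e "$ORIG_NAME" | sed 's/\//\\\//g' )"
    PRERELEASE_VERSION="${ORIG_VERSION}${TIMESTAMP}"
    sed -i "s/\(\bNAME=\"\)[^\"]*/\1${PRERELEASE_NAME}/" Dockerfile
    sed -i "s/\(\bVERSION=\"\)[^\"]*/\1${PRERELEASE_VERSION}/" Dockerfile
  fi
```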
@@ -34,7 +34,7 @@ get_highest_version() { # Patch Jenkinsfile update_jenkinsfile() { sed -i "s/ces-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/ces-build-lib@$(get_highest_version ces)/g" Jenkinsfile - sed -i "s/dugu-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/dogu-build-lib@$(get_highest_version dogu)/g" Jenkinsfile + sed -i "s/dogu-build-lib@v[[:digit:]].[[:digit:]].[[:digit:]]/dogu-build-lib@v$(get_highest_version dogu)/g" Jenkinsfile } # switch for script entrypoint diff --git a/build/make/test-common.mk b/build/make/test-common.mk index 6eaa0da..efc0bc7 100644 --- a/build/make/test-common.mk +++ b/build/make/test-common.mk @@ -1,6 +1,6 @@ GO_JUNIT_REPORT=$(UTILITY_BIN_PATH)/go-junit-report -GO_JUNIT_REPORT_VERSION=v1.0.0 +GO_JUNIT_REPORT_VERSION=v2.1.0 $(GO_JUNIT_REPORT): $(UTILITY_BIN_PATH) @echo "Download go-junit-report..." - @$(call go-get-tool,$@,github.com/jstemmer/go-junit-report@$(GO_JUNIT_REPORT_VERSION)) + @$(call go-get-tool,$@,github.com/jstemmer/go-junit-report/v2@$(GO_JUNIT_REPORT_VERSION)) diff --git a/build/make/test-unit.mk b/build/make/test-unit.mk index 6838b1c..54a9448 100644 --- a/build/make/test-unit.mk +++ b/build/make/test-unit.mk @@ -1,6 +1,7 @@ ##@ Unit testing UNIT_TEST_DIR=$(TARGET_DIR)/unit-tests +XUNIT_JSON=$(UNIT_TEST_DIR)/report.json XUNIT_XML=$(UNIT_TEST_DIR)/unit-tests.xml UNIT_TEST_LOG=$(UNIT_TEST_DIR)/unit-tests.log COVERAGE_REPORT=$(UNIT_TEST_DIR)/coverage.out @@ -9,9 +10,9 @@ PRE_UNITTESTS?= POST_UNITTESTS?= .PHONY: unit-test -unit-test: $(XUNIT_XML) ## Start unit tests +unit-test: $(XUNIT_JSON) ## Start unit tests -$(XUNIT_XML): $(SRC) $(GO_JUNIT_REPORT) +$(XUNIT_JSON): $(SRC) $(GO_JUNIT_REPORT) ifneq ($(strip $(PRE_UNITTESTS)),) @make $(PRE_UNITTESTS) endif 
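Review bot: The corrected `dogu-build-lib@v[[:digit:]].[[:digit:]].[[:digit:]]` pattern (and the ces-build-lib one above it) still matches exactly one digit per component and uses an unescaped `.`, so a pin such as `ces-build-lib@1.48.0` — the value this very series replaces — or a future `v3.10.0` is silently left untouched while the script reports success. Use extended regex with quantifiers and escaped dots: `sed -i -E "s/dogu-build-lib@v[0-9]+\.[0-9]+\.[0-9]+/dogu-build-lib@v$(get_highest_version dogu)/g" Jenkinsfile`, and the same shape for the ces-build-lib line.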
@@ -20,13 +21,15 @@ endif @echo 'mode: set' > ${COVERAGE_REPORT} @rm -f $(UNIT_TEST_LOG) || true @for PKG in $(PACKAGES) ; do \ - ${GO_CALL} test -v $$PKG -coverprofile=${COVERAGE_REPORT}.tmp 2>&1 | tee $(UNIT_TEST_LOG).tmp ; \ + ${GO_CALL} test -v $$PKG -coverprofile=${COVERAGE_REPORT}.tmp -json 2>&1 | tee $(UNIT_TEST_LOG).tmp ; \ cat ${COVERAGE_REPORT}.tmp | tail +2 >> ${COVERAGE_REPORT} ; \ rm -f ${COVERAGE_REPORT}.tmp ; \ cat $(UNIT_TEST_LOG).tmp >> $(UNIT_TEST_LOG) ; \ rm -f $(UNIT_TEST_LOG).tmp ; \ done - @cat $(UNIT_TEST_LOG) | $(GO_JUNIT_REPORT) > $@ + @cat $(UNIT_TEST_LOG) >> $@ + @cat $(UNIT_TEST_LOG) | $(GO_JUNIT_REPORT) -parser gojson > $(XUNIT_XML) + @if grep '^FAIL' $(UNIT_TEST_LOG); then \ exit 1; \ fi From 51f0945d41e62cae7f5bf02984a635d6adde862e Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 08:02:20 +0100 Subject: [PATCH 10/15] [#23] Add PreRelease-Stage --- Jenkinsfile | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index aa58e79..5d8988a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -46,6 +46,10 @@ node('vagrant') { } stage('Provision') { + // change namespace to prerelease_namespace if in develop-branch + if (gitflow.isPreReleaseBranch()) { + sh "make prerelease_namespace" + } ecoSystem.provision("/dogu") } @@ -106,7 +110,12 @@ node('vagrant') { stage ('Add Github-Release'){ github.createReleaseWithChangelog(releaseVersion, changelog) } - } + } else if (gitflow.isPreReleaseBranch()) { + // push to registry in prerelease_namespace + stage('Push Prerelease Dogu to registry') { + ecoSystem.pushPreRelease("/dogu") + } + } } finally { stage('Clean') { From ac67e9c3f9b3b54ca9af29a430174f3d8be8362c Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 08:05:05 +0100 Subject: [PATCH 11/15] [#23] Add PreRelease-Stage --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f90ca1a..1766873 100644 
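Review bot: With `-json` added to the `go test` call, every line of $(UNIT_TEST_LOG) is a JSON event object, so the unchanged `grep '^FAIL' $(UNIT_TEST_LOG)` check at the end of the recipe can no longer match a test failure (those arrive as `{"Action":"fail",...}`) and the target succeeds with failing tests; change it to `@if grep -q '"Action":"fail"' $(UNIT_TEST_LOG); then \`. Separately, `@cat $(UNIT_TEST_LOG) >> $@` appends to the report.json target, so each rebuild triggered by a changed $(SRC) keeps the previous run's events in the file; write it with `>` instead. The beginning of this recipe is outside the hunk.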
--- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - [#21] Update Base to 3.15.11-4 - [#21] Update ces-build-lib to 4.0.1 - [#21] Update dogu-build-lib to v3.0.0 -- [#19] Update Makefiles to 9.5.0 +- [#19] Update Makefiles to 9.5.3 +- [#23] Add PreRelease-Build-Step ## [v6.2.14-4] - 2024-09-25 ### Fixed From 89d3339884b8ffe7bf89ce533fd2c4847d9fe6bb Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 13:24:44 +0100 Subject: [PATCH 12/15] add unreleased line to fit release process --- docs/gui/release_notes_de.md | 4 +--- docs/gui/release_notes_en.md | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/docs/gui/release_notes_de.md b/docs/gui/release_notes_de.md index 44ee3c5..15f1fed 100644 --- a/docs/gui/release_notes_de.md +++ b/docs/gui/release_notes_de.md @@ -4,9 +4,7 @@ Im Folgenden finden Sie die Release Notes für das Sonatype Nexus-Dogu. Technische Details zu einem Release finden Sie im zugehörigen Changelog. - -## Release 6.2.17-1 - +## [Unreleased] ### Redis 6.2.17 (6. Januar 2025) - **Sicherheitsfixes** - **CVE-2024-46981**: Behebte ein Problem, bei dem Lua-Skriptbefehle zu einer Remote-Code-Ausführung führen konnten. diff --git a/docs/gui/release_notes_en.md b/docs/gui/release_notes_en.md index 8b64ac4..a4d8fe1 100644 --- a/docs/gui/release_notes_en.md +++ b/docs/gui/release_notes_en.md @@ -4,8 +4,7 @@ Below you will find the release notes for the Sonatype Nexus Dogu. Technical details on a release can be found in the corresponding Changelog. - -## Release 6.2.17-1 +## [Unreleased] ### Redis 6.2.17 (January 6, 2025) - **Security Fixes** From 0cc941aaff676de8a5308d66e611428be80e2419 Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 13:25:14 +0100 Subject: [PATCH 13/15] Bump version --- Dockerfile | 2 +- dogu.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/Dockerfile b/Dockerfile index d4123a7..e7f8356 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,7 +19,7 @@ RUN apt-get update && apt-get install -y git \ # Stage 3: Final Redis image FROM redis:6.2.17 LABEL NAME="official/redis" \ - VERSION="6.2.14-4" \ + VERSION="6.2.17-1" \ maintainer="info@cloudogu.com" USER root diff --git a/dogu.json b/dogu.json index 1be2295..6ba2b07 100644 --- a/dogu.json +++ b/dogu.json @@ -1,6 +1,6 @@ { "Name": "official/redis", - "Version": "6.2.14-4", + "Version": "6.2.17-1", "DisplayName": "Redis", "Description": "Fast in-memory database", "Category": "Development Apps", From 2e1a7cb2a619999123f5c839d74c6e4e6d876228 Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 13:28:17 +0100 Subject: [PATCH 14/15] Update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1766873..7f8d3dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] + +## [v6.2.17-1] - 2025-01-24 ### Changed - [#21] Update redis to 6.2.17 - [#21] Update golang to 1.21.12 to fix CVE-2023-24538, CVE-2023-24540, CVE-2024-24790 From c397b83ec59aee7bac5f97e48895d52f59994126 Mon Sep 17 00:00:00 2001 From: Marco Bergen Date: Fri, 24 Jan 2025 13:29:37 +0100 Subject: [PATCH 15/15] Update ReleaseNotes --- docs/gui/release_notes_de.md | 3 +++ docs/gui/release_notes_en.md | 2 ++ 2 files changed, 5 insertions(+) diff --git a/docs/gui/release_notes_de.md b/docs/gui/release_notes_de.md index 15f1fed..5db9b7e 100644 --- a/docs/gui/release_notes_de.md +++ b/docs/gui/release_notes_de.md 
@@ -5,6 +5,9 @@ Im Folgenden finden Sie die Release Notes für das Sonatype Nexus-Dogu. Technische Details zu einem Release finden Sie im zugehörigen Changelog. ## [Unreleased] + +## [v6.2.17-1] - 2025-01-24 + ### Redis 6.2.17 (6. Januar 2025) - **Sicherheitsfixes** - **CVE-2024-46981**: Behebte ein Problem, bei dem Lua-Skriptbefehle zu einer Remote-Code-Ausführung führen konnten. diff --git a/docs/gui/release_notes_en.md b/docs/gui/release_notes_en.md index a4d8fe1..5608f69 100644 --- a/docs/gui/release_notes_en.md +++ b/docs/gui/release_notes_en.md @@ -6,6 +6,8 @@ Technical details on a release can be found in the corresponding Changelog. ## [Unreleased] +## [v6.2.17-1] - 2025-01-24 + ### Redis 6.2.17 (January 6, 2025) - **Security Fixes** - **CVE-2024-46981**: Fixed an issue where Lua script commands could lead to remote code execution.