Unfortunately not - still does not appear to have bind security update
andrewRP01 opened this issue · comments
Unfortunately not - still does not appear to have bind security update
Originally posted by @andrewRP01 in #571 (comment)
I apologise I closed issue in error
Please use a workaround by adding yum update -y
in your application docker fie to resolve the security issue. Sample dockerfile named Dockerfile.centos
below
FROM adoptopenjdk/openjdk11:jre-11.0.11_9-centos
RUN yum update -y; \
yum clean all
Build docker image and scan for security using docker.
docker build -t jdk-centos-upd -f Dockerfile.centos .
docker scan jdk-centos-upd
@karianna @dinogun Build process question. CentOS docker files were updated in April, docker hub (link below) indicates images were built in 24 hours ago. Is the build process republish cashed build? Fresh build should have picked up the bind
package security update. Any insite would be great help
https://hub.docker.com/r/adoptopenjdk/openjdk11/tags?page=1&ordering=last_updated&name=centos-jre
I apologise I can confirm issue addressed - Had managed to continue using cached version