Unfortunately not - still does not appear to have bind security update

Question

Unfortunately not - still does not appear to have bind security update

andrewRP01 opened this issue 3 years ago · comments

andrewRP01 commented 3 years ago

Originally posted by @andrewRP01 in #571 (comment)

andrewRP01 · Answer 1 · Thu Jul 01 2021 19:53:21 GMT+0800 (China Standard Time)

I apologise I closed issue in error

Bala Raman · Answer 2 · Thu Jul 01 2021 20:30:56 GMT+0800 (China Standard Time)

Please use a workaround by adding yum update -y in your application docker fie to resolve the security issue. Sample dockerfile named Dockerfile.centos below

FROM adoptopenjdk/openjdk11:jre-11.0.11_9-centos

RUN yum update -y; \
    yum clean all

Build docker image and scan for security using docker.

docker build -t jdk-centos-upd -f Dockerfile.centos .
docker scan jdk-centos-upd

Bala Raman · Answer 3 · Fri Jul 02 2021 11:04:52 GMT+0800 (China Standard Time)

@karianna @dinogun Build process question. CentOS docker files were updated in April, docker hub (link below) indicates images were built in 24 hours ago. Is the build process republish cashed build? Fresh build should have picked up the bind package security update. Any insite would be great help

https://hub.docker.com/r/adoptopenjdk/openjdk11/tags?page=1&ordering=last_updated&name=centos-jre

andrewRP01 · Answer 4 · Fri Jul 02 2021 21:02:08 GMT+0800 (China Standard Time)

I apologise I can confirm issue addressed - Had managed to continue using cached version