Do package definition update on base images before building image to reduce Vulnerability

Question

Rajpratik71 opened this issue 2 years ago · comments

Is this a bug report or feature request?

Feature Request

What should the feature do:

Update the package definition update on base images before building image to install latest available package.

What would be solved through this feature:

Updating and installing latest package will help to reduce Vulnerability

Does this have an impact on existing features:

This shouldn't as ceph related package will install their required dependencies.

Pratik Raj · Answer 1 · Wed Oct 26 2022 17:38:05 GMT+0800 (China Standard Time)

There are many linux package with known Vulnerability and fixes.

Gert van den Berg · Answer 2 · Thu Feb 09 2023 15:04:09 GMT+0800 (China Standard Time)

Rebuilding the images now should do a lot better as well - Red Hat rebuilt the base image...