eddelbuettel / r2u

CRAN as Ubuntu Binaries

Home Page: https://eddelbuettel.github.io/r2u

Enhancement: Update to R 4.4

Westat-Transportation opened this issue

Would it be possible to update to R 4.4 (released yesterday)? This is important for folks that run on security-sensitive environments given the recently found high severity vulnerability in R (https://thehackernews.com/2024/04/new-r-programming-vulnerability-exposes.html).

I can help get this going with a little support / guidance from you guys. But if you just tell me that's not going to happen over the next few weeks, we may just switch to vanilla rocker/r-ver until you guys can update this image to R 4.4.

Thanks! Marcelo

Guys? Who else do you see here?

You also misunderstand. R 4.4.0 binaries have been available (for Ubuntu) since the weekend (following the Debian binaries I released the day R 4.4.0 was released). All you need is apt upgrade -qqq; apt update --yes. The r2u project is about CRAN packages as .deb binaries. It is a user of the R binaries in r-base-core just like other projects.

I will update the container soon and am working on that. You can always do so yourself any moment you desire, the Dockerfile is in this repo.

Great, was just not sure if simply doing an update/upgrade would pull down 4.4. Will test that on our end. Thank you so much for the quick response.

It will. That is what apt does given suitable repos. And @marutter and I have been taking care of those CRAN-mirrored Ubuntu binaries for well over a decade. Trust the process.

I do, was just not fully grasping that detail. Thanks again.

Also, technically r2u is the apt repo. The container is 'just a convenience' to access it. But it is current now:

edd@rob:~$ docker run --rm -ti rocker/r2u R -q -e 'getRversion()'
> getRversion()
[1] ‘4.4.0’
> 
> 
edd@rob:~$ 

But I recommend you keep an eye out for other stories around the CVE. One aspect is addressed; it is still an open door just like system() or system2() or pipe() are. A language that excels because it allows computation on the language will have such issues. Check your inputs. And check them again.
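
For security-sensitive deployments like the one raised in this thread, the R version can be gated in a build or deploy step instead of assumed after an upgrade. The script below is an added example, not code from the thread or from the r2u project; the function names, the `MIN_R_VERSION` variable, the `--check` argument, and the sample version strings in its comments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: fail a pipeline step when the installed R is older than a
# required minimum (default 4.4.0, the release discussed in this thread).
MIN_R_VERSION="${MIN_R_VERSION:-4.4.0}"

# Drop Debian epoch and revision: "1:4.4.0-1.2204.0" -> "4.4.0" (constructed sample).
upstream_version() {
    printf '%s\n' "$1" | sed -e 's/^[0-9]*://' -e 's/-.*$//'
}

# version_ge A B: status 0 if A >= B, 1 if A < B, 2 if either is not dotted-numeric.
version_ge() {
    a=$(upstream_version "$1")
    b=$(upstream_version "$2")
    [ -n "$a" ] && [ -n "$b" ] || return 2
    case "$a$b" in *[!0-9.]*) return 2 ;; esac
    awk -v a="$a" -v b="$b" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) > (y[i] + 0)) exit 0
            if ((x[i] + 0) < (y[i] + 0)) exit 1
        }
        exit 0
    }'
}

# Ask R itself first; fall back to the r-base-core package version from dpkg.
installed_r_version() {
    if command -v Rscript >/dev/null 2>&1; then
        Rscript -e 'cat(as.character(getRversion()))'
    elif command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' r-base-core 2>/dev/null
    fi
}

check_r() {
    v=$(installed_r_version)
    if [ -z "$v" ]; then echo "R not found" >&2; return 2; fi
    if version_ge "$v" "$MIN_R_VERSION"; then
        echo "OK: R $v >= $MIN_R_VERSION"
    else
        echo "FAIL: R $v < $MIN_R_VERSION" >&2; return 1
    fi
}

# Only run the check when asked, so the file can also be sourced for its functions.
if [ "${1:-}" = "--check" ]; then check_r; exit $?; fi
```

Run it with `--check` inside the image or on the host; a non-zero exit status means R is missing or below the minimum.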