Open generalova-kate opened 3 years ago
Kernel-headers package (v3.10.0) contains some high CVEs, please look at the Snyk scan Could you update centos:7 image with the latest available kernel v5.4 to fix security vulnerabilities? Docker image: centos :7 8652b9f0cb4c updated Feb 3, 2021 Kernel packages: kernel.x86_64 3.10.0-1160.15.2.el7 updates kernel-abi-whitelists.noarch 3.10.0-1160.15.2.el7 updates kernel-debug.x86_64 3.10.0-1160.15.2.el7 updates kernel-debug-devel.x86_64 3.10.0-1160.15.2.el7 updates kernel-devel.x86_64 3.10.0-1160.15.2.el7 updates kernel-doc.noarch 3.10.0-1160.15.2.el7 updates kernel-headers.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools-libs.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools-libs-devel.x86_64 3.10.0-1160.15.2.el7 updates
@jperrin @blalor could you address that issue?
Wow - hard to believe that this issue was not yet addressed.
Just asked the same question , will there a new image include these security issue fix?
Kernel-headers package (v3.10.0) contains some high CVEs, please look at the Snyk scan Could you update centos:7 image with the latest available kernel v5.4 to fix security vulnerabilities? Docker image: centos :7 8652b9f0cb4c updated Feb 3, 2021 Kernel packages: kernel.x86_64 3.10.0-1160.15.2.el7 updates kernel-abi-whitelists.noarch 3.10.0-1160.15.2.el7 updates kernel-debug.x86_64 3.10.0-1160.15.2.el7 updates kernel-debug-devel.x86_64 3.10.0-1160.15.2.el7 updates kernel-devel.x86_64 3.10.0-1160.15.2.el7 updates kernel-doc.noarch 3.10.0-1160.15.2.el7 updates kernel-headers.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools-libs.x86_64 3.10.0-1160.15.2.el7 updates kernel-tools-libs-devel.x86_64 3.10.0-1160.15.2.el7 updates
@jperrin @blalor could you address that issue?