JonasAlfredsson / docker-nginx-certbot

Automatically create and renew website certificates for free using the Let's Encrypt certificate authority.
https://hub.docker.com/r/jonasal/nginx-certbot
MIT License
942 stars, 167 forks

Medium CVEs present on latest image CVE-2023-42363/6 #269

Closed jracabado closed 2 months ago

jracabado commented 3 months ago

Hi,

Our scanner alerted us to the BusyBox CVEs being present on the latest version of the jonasal/nginx-certbot image.

The CVEs are:

Rebuilding should fix these, as the latest Nginx image includes a patched version of Alpine v3.19.

Allow me to thank you in advance for keeping this project updated and I hope these issues help with that.

JonasAlfredsson commented 3 months ago

Do I read these CVEs right that they are for awk? I don't think we use awk at all, so it shouldn't really matter, but I will rebuild stuff either way since it is easy from my side.

jracabado commented 2 months ago

@JonasAlfredsson that's correct. These were still classified as Medium vulnerabilities. Thanks for the rebuild, these now appear as solved in the vulnerability scanners.