Closed bbemis017 closed 1 year ago
this seems to impact the nodejs and python images as well (and any image based on the base for these)
I also ran yum update -y
in it, and the scanner still raised a high alert after having -19 installed
#7 15.53 Updated:
...
#7 15.53 zlib.x86_64 0:1.2.7-19.amzn2.0.1
base images were updated to have zlib-1.2.7-19.amzn2.0.1.x86_64
installed by default
Can someone update the zlib package in the amazon/aws-lambda-java Image?
Currently the Image is on version
zlib-1.2.7-18.amzn2.x86_64
which is being flagged as having a reported vulnerability in ECR ALAS-2022-1772.I can work around it by adding
RUN yum -y update zlib
to my dockerfile but it's probably a good idea to update the image in docker as well