search

bell-sw / Liberica

Free and 100% open source Progressive Java Runtime for modern Java™ deployments supported by a leading OpenJDK contributor
https://bell-sw.com/pages/libericajdk/
GNU General Public License v2.0
299 stars 28 forks source link

Upgrade Alpine to latest release 3.16.4 to fix vulnerabilities #119

Closed etiennepeiniau closed 1 year ago

etiennepeiniau commented 1 year ago

Hi,

Is-it possible to upgrade the base image for alpine versions to 3.16.4 (mostly just a build / publish) ?

This will correct the following critical CVE : https://nvd.nist.gov/vuln/detail/CVE-2023-0286

You can find the alpine changelog here : https://www.alpinelinux.org/posts/Alpine-3.14.9-3.15.7-3.16.4-released.html

Thanks.

ryandens commented 1 year ago

Any plans to address this?

PakhomGolynga commented 1 year ago

Hi, New Alpine images have been built from 3.16.4 (which is referenced as 3.16 in dockerfiles)

# cat /etc/alpine-release 3.16.4