OpenJDK11 based on bookworm base image

docker-library / openjdk

Docker Official Image packaging for EA builds of OpenJDK from Oracle

http://openjdk.java.net

MIT License

1.14k stars 471 forks source link

OpenJDK11 based on bookworm base image #499

Closed dbl6 closed 2 years ago

dbl6 commented 2 years ago

Hi,

We are currently using openjdk:11-jre-slim which contains vulnerabilities (CVE-2022-1292) in OpenSSL. I haven't found any docker image based on debian bookworm that is free from OpenSSL vulnerabilities. Could you please create image with OpenJDK11 based on bookworm?

Thanks, Darek

wglambert commented 2 years ago

Bookworm is unstable/testing, we only use stable releases of distributions https://www.debian.org/releases/

For CVE-2022-1292 see https://github.com/docker-library/python/issues/728