LaurentGoderre
commented
3 days ago Eclipse Temurin, on which this image is based on, does not have a noble variant yet.
Closed TommyTran732 closed 2 days ago
LaurentGoderre
commented
3 days ago Eclipse Temurin, on which this image is based on, does not have a noble variant yet.
tianon
commented
2 days ago You might also find https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves helpful (ie, grype might not be telling you the full story -- the Ubuntu security team is extremely proactive, even on jammy).
TommyTran732
commented
2 days ago @tianon I don't think this should be closed, because the fact of the matter is that there is no noble container yet.
tianon
commented
2 days ago Sorry, I should've provided more context -- I've closed this because while we're open to the idea of including a Noble-based image, the prerequisites for us doing so do not currently exist, so I cannot reasonably say that we have any current plans to do so. Once those prerequisites are met, we will be happy to reconsider/reevaluate.
Edit: In other words, this is closed "WONTFIX" (but not "WILLNEVERFIX").
Noble has been out for a few months now. It would be great to have Noble as a base. I scanned jammy with trivy and grype and it seems like there are a lot of known vulnerabilities as this point.