Closed visortelle closed 3 months ago
@visortelle thanks for raising this. It does look like something is not working as desired for oracle rpm packages. We’ll look into it and will report back.
@visortelle - we've made some amendments to the way we're checking the vulnerable ranges and the image is showing as free of vulnerabilities now.
Thanks again for reporting.
@neilprosser - thank you for the fix.
I believe
1:3.0.7-25.0.1.el9_3
and2:3.0.7-25.0.1.ksplice1.el9_3
are the same version.Same for
2.34-83.0.2.el9_3.12 > 2:2.34-60.0.3.ksplice1.el9_2.7
.There are a few more packages affected by the same issue.
https://hub.docker.com/layers/library/oraclelinux/9-slim/images/sha256-f1bdd3635b56b12302434d86021141aceb1ca51d79457959cc8193922ee206eb?context=repo&tab=vulnerabilities