search

dockerfile / ubuntu

Ubuntu Dockerfile for trusted automated Docker builds.
http://dockerfile.github.io/#/ubuntu
MIT License
459 stars 1.28k forks source link

Fix for heartbleed ssl vuln in docker image #2

Closed arel closed 10 years ago

arel commented 10 years ago

Adds multiverse without removing security updates

This pull request changes how the multiverse distro is added to /etc/apt/sources such that the quantal-updates and quantal-security repos are not overridden. Without this change, the installed openssl version is vulnerable to the heartbleed bug.

pilwon commented 10 years ago

Thanks @arel !

arel commented 10 years ago

Thanks for merging @pilwon !

You may also want to rebuild the "trusted build" for your other projects that depend on this one (e.g., dockerfile/nginx), otherwise they will still be affected.

pilwon commented 10 years ago

@arel Thanks, we'll do.