Closed ziler-orca closed 8 months ago
Thanks for reporting this to us. I'm going to transfer this over to getsentry/symbolicator. For reference, security has given us a csv file with all the CVEs.
All of these are in the base image packages, no are in symbolicators Rust code or any of the Rust dependencies.
So is there anything other to do here than to run an apt upgrade
in the base docker image?
So is there anything other to do here than to run an apt upgrade in the base docker image?
Guess not then 🙂
So the apt upgrade
should be run in https://github.com/getsentry/symbolicator/blob/master/Dockerfile?
Self-Hosted Version
23.9.1
CPU Architecture
x86_64
Docker Version
24.0.6
Docker Compose Version
v2.21.0
Steps to Reproduce
The sentry-getsentry/symbolicator image
23.9.1
has several vulnerabilities. Please see attached.symbolicator_cves.xlsx
Expected Result
Patch the vulnerabilities.
Actual Result
Please refer to spreadsheet attached above for details.
Event ID
No response