Closed Ravikrishna216 closed 2 years ago
This is now resolved. I've rebuilt all affected .NET images based on Debian 11 so that they now contain the latest zlib1g
package version which patches this vulnerability.
> docker pull mcr.microsoft.com/dotnet/aspnet:6.0
6.0: Pulling from dotnet/aspnet
Digest: sha256:30f462a50ad021c35ab3ebbbb8f16049c8d41499f7063a95bc68e7c69b0a97c4
Status: Image is up to date for mcr.microsoft.com/dotnet/aspnet:6.0
mcr.microsoft.com/dotnet/aspnet:6.0
> docker run --rm mcr.microsoft.com/dotnet/aspnet:6.0 apt list zlib1g
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
Listing...
zlib1g/now 1:1.2.11.dfsg-2+deb11u2 amd64 [installed,local]
In the future, please log issues specific to .NET container images at https://github.com/dotnet/dotnet-docker.
Sure.. Thank you for the update.
Thank you.. It is working now
We are using aspnet docker image
mcr.microsoft.com/dotnet/aspnet:6.0
From Sysdig scan a vulnerability is scanned CVE-2022-37434
Will the base image will be updated to handle this vulnerability ??