Odoo 16/15: Plans on upgrading to bookworm to fix Docker image vulnerabilities?

odoo / docker

Other

960 stars 1.55k forks source link

Odoo 16/15: Plans on upgrading to bookworm to fix Docker image vulnerabilities? #515

Open Pexers opened 2 months ago

Pexers commented 2 months ago

Plans on upgrading to bookworm to fix Docker image vulnerabilities?

There are multiple vulnerabilities identified within DockerHub that would be fixed by an upgrade from bullseye-slim to bookworm-slim for versions 15 & 16. One of these is PyYAML, where vulnerabilities can be found in versions below 5.4.

Is this something planned to be worked on in the near future? Thank you.

sconetto commented 2 months ago

up 👍🏻

otahmasebi commented 1 month ago

up 👍

hertell commented 1 month ago

For odoo 15 it won't work. The required version of wkhtmltopdf for odoo15 seems to be version 0.12.5-1 (https://github.com/odoo/odoo/wiki/Wkhtmltopdf), and that version has no package for bookworm.

For odoo16 it's just to replace the all words of bullseye -> bookworm, and update the sha1-sums for the corresponding package files.. If the Odoo-devs can confirm that odoo15 works a newer version of Wkhtmltopdf, then it is an easy task to update the Dockerfile to bookworm.