Closed pacifier17 closed 4 years ago
the code is there, but for some reason, I can't get the key on the server, so the build is currently faling. Once that is fixed, the official PR will be opened
Ahh thanks! Any way we can push it through soon? It would be good to patch these critical vulnerabilities quickly since this is an official Varnish image.
sure, get that key https://packagecloud.io/app/varnishcache/varnish64/gpg on http://ha.pool.sks-keyservers.net/ and we are in business
I have never done this before, so I don't know where to start. What error are you facing while trying to get it on the server?
none, things appear to work, and I've pushedthe key to multiple servers on the network. There's usually a delay before being able to retrieve de the key, but it's usually a few hours, not a day
So I did this (from whatever I could understand)
Ran the following command written here: https://packagecloud.io/app/varnishcache/varnish64/gpg#gpg-apt curl -L https://packagecloud.io/varnishcache/varnish64/gpgkey
Then just copied the public key here http://ha.pool.sks-keyservers.net/ and I got this message: Key block added to key server database. New public keys added: 1 key(s) added successfully.
I am assuming that is what you have been doing?
yup
Any other ideas on what else to do? I have none. :(
fixed in master
Thanks! Will you push this buster image to docker hub too?
Hi, I wanted to check if you have any plans to update the Debian version of this image and re-upload it to Docker Hub? The reason is that the version of Debian (stretch) that it is based on is old and has a lot of vulnerabilities. I see that Debian has patched a lot of these vulnerabilities in their buster version.