CVE-2018-5743, CVE-2019-6467, and CVE-2019-6468

ventz / docker-bind

Docker Hub ventz/bind - Secure ISC BIND (Authoritative, Recursive, Slave, RPZ) - Docker image always latest built!

https://hub.docker.com/r/ventz/bind/

34 stars 37 forks source link

CVE-2018-5743, CVE-2019-6467, and CVE-2019-6468 #17

Closed ventz closed 5 years ago

ventz commented 5 years ago

@tcely Please note:

CVE-2018-5743 and CVE-2019-6467 especially -- just released. (CVE-2019-6468 is not relevant for alpine version)

Need for: ~9.12.4~ 9.14.1 is now present

tcely commented 5 years ago

@ventz I thought we agreed that 9.14.1 was preferred over 9.12.4-P1.

ventz commented 5 years ago

@tcely That was supposed to say 9.14.1 (9.12.4 is the alpine docker branch version that fixes the 2 vulnerabilities - but yes, 9.14 does also -- and that would be much better actually)

tcely commented 5 years ago

https://github.com/alpinelinux/aports/pull/6890

ventz commented 5 years ago

@tcely Thanks! And thank you for staying on top of these!

ventz commented 5 years ago

Pushed upstream. Closing.