Closed syerad closed 2 years ago
sonarcloud[bot]
commented
2 years ago Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
No Duplication information
tractorcow
commented
2 years ago Thanks @syerad this helps me out a lot!
jrencz
commented
2 years ago @syerad thanks for this update.
I think you may want to take a look at #436
Briefly: your change is not yet effective for some of the tags you altered
syerad
commented
2 years ago @jrencz I will take a look! Give me a couple of days :)
Edit: Saw the comment, and I think it's fixed ;) Let me know if I can help you any further building your images
jrencz
commented
2 years ago As I wrote in a comment there: I can just always express the very RUN, that you adjusted, right in my own Dockerfile to get latest nginx in a project that (for any reason) can't be easily upgraded to a still maintained version
Right now I just want anyone who will - as I did - find this PR and think "so basically, I need to rebuild and we're done", that it will be like that but just for tags that were pushed after this was merged. I took what I saw in here overly optimistic :)
It may be that those tags that were altered in this PR would at some point get re-pushed to Dockerhub (who knows, some really super-important security update?). Then, and only then changes from this PR will be effective
syerad
commented
2 years ago @jrencz okay, understand. As @hhoechtl mentioned in his comment, the build process for EOL versions for PHP is done manually. Hence you need to ask Hans if he would like to push an updated version of an older image as well.
Debian is using the nginx version 1.14.2, which includes several security issues and is missing features which are already included in newer version.
Therefore these changes included in this PR will add the official Nginx repository to the debian sources in order to fetch the newest stable version.