OpenSSL vulnerability
Opened this issue · 2 comments
Hi Team, I am working for IBM, and we are using the liberty image for our app, our app is running on an openshift based platform inside IBM called Cirrus, our images are scanned by the platform and we received some high vulnerability issues related to openssl. Can anyone help to check and fix this ? Or do you have any suggestion what we can do to fix the issue ?
I am using the latest tag to pull the image: docker pull websphere-liberty
hi @TigerAVAF6R - we are waiting for IBM Java layer to upgrade to Ubuntu 20.04, which should help solve a lot of security vulnerabilities. Another option is to use the UBI-based images for WebSphere Liberty, found here.
@arthurdm Thanks for the info, do you know when the fix will be released ? By the way, what's the difference between this liberty image and UBI-based image ?