Amazonlinux Base Image has security vulnerabilities

Question

Amazonlinux Base Image has security vulnerabilities

Closed this issue 5 years ago · 2 comments

Hi, it seems the used base image amazonlinux:2 has publicly known vulnerabilities since at least Sep 19th that have fixes available that are not yet part of the latest image which was published 25days ago.
See upstream issue at https://forums.aws.amazon.com/thread.jspa?threadID=310554&tstart=0

Do you monitor corretto images for security issues? Is there something that should be improved in the publishing process?

Answer 1 · 2019-10-02T01:51:54.000Z

Hi Alex, thank you for rasing your concern. however I think your concern is may already been addressed in here. #26

Answer 2 · 2019-10-02T08:17:29.000Z

Hi @TianminShi
thanks, I've already created an issue with upstream amazonlinux. See amazonlinux/container-images#30