fluent/fluentd-docker-image

CVE-2021-43618

accmt opened this issue · 2 comments

accmt commented

os package gmp has CVE-2021-43618.

3.13.8 alpine release has a fix for this issue: https://git.alpinelinux.org/aports/log/?h=v3.13.8

Latest alpine 3.13 release for docker is 3.13.7: https://hub.docker.com/_/alpine

Based on https://github.com/alpinelinux/docker-alpine/blob/v3.13/x86_64/Dockerfile the 3.13.8 should be available soon. Once that is available please update the docker images.

kenhys commented

Thank you for reporting.

Already fixed via #319, use fluent/fluentd:v1.14.5-1.1

accmt commented

Thanks for really quick response and fixing the issue.