Security vulnerability in v0.5.40-22

Question

Security vulnerability in v0.5.40-22

Closed this issue a year ago · 4 comments

Container security scan tool is reporting the following HIGH vulnerabilities

CVE-2022-23960
CVE-2022-42703
CVE-2022-42896
CVE-2022-43945

These CVE's correspond to linux-libc-dev packages on Ubuntu 22.04 base image. We did observe that this package was updated to latest version when we did an apt-get update within the container. Hopefully this will resolve the issue. Can you please recommend corrective actions to get past this security vulerability.

Answer 1 · 2023-02-03T20:53:03.000Z

Yeah I can get this rebuilt later today. Thanks for reporting.

Answer 2 · 2023-02-24T15:27:15.000Z

and now

CVE-2022-41717
CVE-2022-27664

Answer 3 · 2023-03-20T04:17:30.000Z

Okay I think I re-released the stacks properly now. Mind checking if everything works as expected?

Answer 4 · 2023-03-21T20:16:49.000Z

Okay everything has been rebuilt so if there is a CVE still, not sure rebuilding will fix it.