bump Docker builds for USN-3087-1

Question

bump Docker builds for USN-3087-1

Closed this issue 8 years ago · 1 comments

As of right now, the docker image heroku/cedar:14 does not contain the openssl packages that fix http://www.ubuntu.com/usn/usn-3087-1/:

$ docker pull heroku/cedar:14
14: Pulling from heroku/cedar

Digest: sha256:43c7680c05ac0d68f141d530c55abd3746d2eebcbbcf64fbd36b16649615b19d
Status: Image is up to date for heroku/cedar:14
$ docker run heroku/cedar:14 openssl version
OpenSSL 1.0.1f 6 Jan 2014
$ docker run heroku/cedar:14 apt-cache policy libssl1.0.0
libssl1.0.0:
  Installed: 1.0.1f-1ubuntu2.19
  Candidate: 1.0.1f-1ubuntu2.19
  Version table:
 *** 1.0.1f-1ubuntu2.19 0
        100 /var/lib/dpkg/status

The fix is in the Xenial apt repositories, so heroku/cedar:14 just needs to be rebuilt in order to update and download these security fixes.

Answer 1 · 2016-09-23T22:39:49.000Z

This is done:

% docker pull heroku/cedar:14
...
Status: Downloaded newer image for heroku/cedar:14