rebuild alpine image with latest 3.14 (3.14.6) because of CVE-2022-28391

Question

rebuild alpine image with latest 3.14 (3.14.6) because of CVE-2022-28391

smbgray opened this issue 3 years ago · 1 comments

CVE-2022-28391 is fixed in busybox 1.33.1-r7 and included into alpine:3.14.6.
Currently:
docker run -it --entrypoint /bin/sh pandoc/latex:latest
/data # cat /etc/alpine-release
3.14.3
/data # ls --help
BusyBox v1.33.1 () multi-call binary.

Answer 1 · 2023-04-26T10:34:22.000Z

Sorry, I had forgotten to reply here: the images have been updated to 3.14.8 and later a good while ago.

Thanks for raising the issue.