Opened 6 years ago
Closed 6 years ago
#1637 closed task (fixed)
nginx:alpine latest (from 9/12/2018) uses alpine v3.7.1
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | critical | Milestone: | 1.15.4 |
| Component: | other | Version: | 1.15.x |
| Keywords: | Cc: | ||
| uname -a: | Linux 5ca008f213f0 4.9.93-linuxkit-aufs #1 SMP Wed Jun 6 16:55:56 UTC 2018 x86_64 Linux | ||
| nginx -V: |
nginx version: nginx/1.15.3
built by gcc 6.4.0 (Alpine 6.4.0) u |
||
Description
There's a critical security problem in apk that requires updates to 3.8.x: https://justi.cz/security/2018/09/13/alpine-apk-rce.html
Change History (2)
comment:1 by , 6 years ago
comment:2 by , 6 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
The alpine images were rebuilt with fixed apk and pushed to the docker hub/store under the same tags as before. Please re-download your images. For more information, see https://github.com/nginxinc/docker-nginx/issues/271 .
Note:
See TracTickets
for help on using tickets.
Just for completeness - I'm looking at image sha256:994032453556b56420d66d53b7d8db1a74e1193165e2a070e50f533d849d9833
/opt # cat /etc/alpine-release
3.7.1