This project doesn't provide any original application - it only provides container images, which are always built with latest available versions of RPM packages. Because of that, when a vulnerability is detected, I can only wait for the Rocky distribution maintainers to fix the packages on their repos.
I'm working on making weekly builds of the image. In case of emergency, I'll trigger a manual build, to fix any critical vulerabilities ASAP.
If you find a vulnerability in the container image, please open up an issue or email me at [email protected]