New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Critical and high severity fixes from drupal:latest tag #262

Open

aprasadfos opened this issue Jul 11, 2024 · 2 comments

aprasadfos commented Jul 11, 2024

Hi doijanky,

Can we get some date by when the Critical and high severity issues can be fixed from drupal:latest tag image.

Member

LaurentGoderre commented Jul 11, 2024

The fixes for these CVEs have not been backported to the versions of debian used.

https://scout.docker.com/vulnerabilities/id/CVE-2024-38475?s=debian&n=apache2&ns=debian&t=deb&osn=debian&osv=12&vr=%3E%3D2.4.59-1~deb12u1&utm_source=hub
https://scout.docker.com/vulnerabilities/id/CVE-2024-39573?s=debian&n=apache2&ns=debian&t=deb&osn=debian

Member

tianon commented Jul 11, 2024

See also https://security-tracker.debian.org/, especially https://security-tracker.debian.org/tracker/CVE-2024-38475

Also, https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment