fluent/fluentd:v1.11-2 security vulnerabilities #238
Comments
|
Quick fix - build your own docker image with ruby 2.7.2. |
|
@nvtkaszpir Is there a sample you can provide for building custom image with ruby 2.7.2. I tried to use this Dockerfile and pull from ruby 2.7.2 (fluentd-docker-image/v1.11/debian/Dockerfile) it seems to cause more vulnerabilities. |
|
not really. |
|
@edsiper do you have some thoughts on this? |
|
Any idea when you plan to update your images for the busybox vuln? It should be as simple as updating to the latest alpine by now, though of course it's docker so who knows what could go wrong lol |
kenhys
added a commit
to kenhys/fluentd-docker-image
that referenced
this issue
Apr 20, 2021
Close: fluent#238 It fixes CVE-2020-25613 (webrick), too. Signed-off-by: Kentaro Hayashi <kenhys@gmail.com>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We are using this image and we have the following vulnerability
due to package ruby and webrick. Is there a way to fix this?
Or can you recommend an image with no vulnerability issues.
The text was updated successfully, but these errors were encountered: