Comments (4)
We don't need to do upgrade because when the base image is updated then these one are rebuilt with the change.
from docker-node.
Thank you for the quick reply! I had to rebuild the node:21-bookworm-slim image today because the base Debian image contained a vulnerability and has not been recreated for 14 days and thus failed our pipeline. I assume Debian will eventually update their image but in the meantime, adding the upgrade -y
resolved this for me.
from docker-node.
Background:
Tags in the [official-images] library file[s] are only built through an update to that library file or as a result of its base image being updated (ie, an image
FROM debian:buster
would be rebuilt whendebian:buster
is built).
Official Images FAQ:
Though not every CVE is removed from the images, we take CVEs seriously and try to ensure that images contain the most up-to-date packages available within a reasonable time frame
To ensure that we don't push contentless image changes, we rely on periodic base image updates.
We strive to publish updated images at least monthly for Debian. We also rebuild earlier if there is a critical security need. Many Official Images are maintained by the community or their respective upstream projects, like Ubuntu, Alpine, and Oracle Linux, and are subject to their own maintenance schedule.
- from the same FAQ link
from docker-node.
This is also explained in https://github.com/nodejs/docker-node/blob/main/SECURITY.md
from docker-node.
Related Issues (20)
- [NEXT-SECURITY-RELEASE] Heads up on upcoming Node.js security release 2024/04/09 HOT 2
- Images for Windows HOT 1
- Update yarn version to 1.22.22 HOT 7
- CVE-2024-28863 HOT 1
- Clarify support policy (for Alpine)? HOT 1
- v22.0.0 `arm` image broken HOT 6
- Docker build stucks on FROM --platform=linux/amd64 node:current-alpine image HOT 3
- docker buildx hang on node:22-alpine (armv6/armv7) HOT 5
- Alpine tag index digests differ depending on the Node version being present in the tag name HOT 2
- node:20.13 breaks building with workspaces from root HOT 3
- node:18-alpine build failing for canvas install HOT 5
- Alpine images with the same tag have different versions on different platforms HOT 3
- `22-alpine3.20` misses platforms while `22-alpine` has them HOT 2
- node:20.14.0-alpine3.19 no matching manifest for linux/arm64/v8 in the manifest list entries HOT 1
- Missing images for 20.14.0-alpine HOT 4
- No node:20.14.0-alpine for linux/arm64/v8 HOT 1
- Add Jenkins/Build Badge for upstream official image status HOT 2
- Using node LTS leads to error during docker run HOT 2
- os.EOL is CRLF on linux docker images HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-node.