[ZOOKEEPER-4616] Upgrade docker image for the dev enviroment to resolve CVEs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.9.0, 3.8.1, 3.7.2
Component/s: None
Labels:
- pull-request-available

Description

The current docker image `maven:3.6.3-jdk-8` has many critical security issues.

maven@3.6.3-jdk-8 › dpkg@1.19.7 has CVE-2022-1664

maven@3.6.3-jdk-8 › openssl@1.1.1d-0+deb10u6 has CVE-2021-3711

maven@3.6.3-jdk-8 › gzip@1.9-3 has CVE-2022-1271

We need to upgrade the docker base image to version `maven:3.8.4-jdk-8`

The GitHub PR: https://github.com/apache/zookeeper/pull/1927

Attachments

Issue Links

links to

GitHub Pull Request #1927

Activity

People

Assignee:: Enrico Olivelli

Reporter:: hang chen

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 27/Sep/22 02:17

Updated:: 30/Jan/23 07:57

Resolved:: 29/Sep/22 14:38

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

0.5h