-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade Java version to patch 1:17.0.7+7-1.amzn2.1 #160
Comments
The
|
OK, that makes sense @lutkerd. What is the plan when it comes to security patches and advisories, e.g. https://alas.aws.amazon.com/AL2/ALAS-2023-2025.html Would that just be rolled into the next latest version above |
#114 is the next step. We are planning to provide images with the AL2 packages so that the scanners are clean. |
could this be pushed upstream faster to https://yum.corretto.aws as the official tomcat correto images are all failing security scans The yum repo AmazonCorretto has higher priority than the amzn2-core-debuginfo repo which has the updated package but fails to update due to priority restrictions. |
Thank you for taking the time to help improve Corretto.
If your request concerns a security vulnerability then please report it by email to [email protected] instead of here.
(You can find more information regarding security issues at https://aws.amazon.com/security/vulnerability-reporting/.)
If your proposal is specific to Corretto docker images,
then you are in the right place.
Please proceed with the following.
Is your feature request related to a problem?
Please provide a clear and concise description of what the problem is.
Using the Public ECR release of Corretto Java 17 with this directive in the Dockerfile:
FROM public.ecr.aws/amazoncorretto/amazoncorretto:17
The Corretto 17 image has not been updated to include the patch for a high vulnerability. I am not able to update it in the dockerfile due to repository priority protections being enabled.
I would like to be able to get this patched or know when AWS will be updating the base image. Is there another workaround other than changing this
echo "priority=9" >> /etc/yum.repos.d/corretto.repo
Any ideas or suggestions are welcome.
Describe a solution you would like
Please provide a clear and concise description of what you want to happen.
Describe alternatives you have considered
Please provide a clear and concise description
of any alternative solutions or features you have considered.
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: