-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor (bbb-soffice): Switch parent image to amazoncorretto:17-alpine #15743
refactor (bbb-soffice): Switch parent image to amazoncorretto:17-alpine #15743
Conversation
SonarCloud Quality Gate failed. 1 Bug No Coverage information |
RUN apt update && apt -y install locales-all fontconfig libxt6 libxrender1 | ||
RUN apt update && apt -y install libreoffice \ | ||
&& rm -f \ | ||
/usr/share/java/ant-apache-log4j-1.10.9.jar \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @gustavotrott - please check what is the version of log4j that's installed in this new implementation
I believe these removals was to ensure the vulnerable version would not be there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
from within the docker, run:
find / 2>&1 | grep log4j
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
great!
RUN apt update && apt -y install locales-all fontconfig libxt6 libxrender1 | ||
RUN apt update && apt -y install libreoffice \ | ||
&& rm -f \ | ||
/usr/share/java/ant-apache-log4j-1.10.9.jar \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
great!
As reported in https://hub.docker.com/_/openjdk, the current parent image
openjdk
is deprecated!This PR will switch the parent docker image to
amazoncorretto
.It will bring some pros: