Skip to content

Security issue of image nginxinc/nginx-unprivileged:mainline-alpine #189

Answered by alessfg
art045661489 asked this question in Q&A
Discussion options

You must be logged in to vote

Hey @art045661489! Couple things:

  • Per our Security policy, https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/SECURITY.md, libxpm is not considered a critical package, so the standard process would be to wait until the images get automatically rebuilt.
  • The CVEs you listed only have a fix available in Alpine 3.19, and these images are running on Alpine 3.18. I would assume the fix will make its way to Alpine 3.18 soonish since it's a supported release, which is more the reason to wait until the images get automatically rebuilt next Sunday night.

If you want to solve the problem right now yourself, my suggestion would be to grab the Dockerfile here https://github.com/nginxinc…

Replies: 1 comment 2 replies

Comment options

You must be logged in to vote
2 replies
@art045661489
Comment options

@alessfg
Comment options

Answer selected by art045661489
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants