Security issue of image nginxinc/nginx-unprivileged:mainline-alpine #189
-
I use nginxinc/nginx-unprivileged:mainline-alpine as base image and i found that the package name "libxpm-3.5.16-r1" is installed as shown in the picture below. After i check carefully, I found that the package have mentioned in vulnerability with I try to solve this problem by delete/upgrade libxpm with command 'apk upgrade| ' but unfortunately i got an error permission denied. I will appreciate it if you have any suggestion/solution. thank you |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
Hey @art045661489! Couple things:
If you want to solve the problem right now yourself, my suggestion would be to grab the Dockerfile here https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/mainline/alpine-slim/Dockerfile, and change https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/mainline/alpine-slim/Dockerfile#L6C11-L6C22 to Once you rebuild the image, you should have an upgraded |
Beta Was this translation helpful? Give feedback.
Hey @art045661489! Couple things:
libxpm
is not considered a critical package, so the standard process would be to wait until the images get automatically rebuilt.If you want to solve the problem right now yourself, my suggestion would be to grab the Dockerfile here https://github.com/nginxinc…