Regarding Critical Vulnerability Issue in Docker Image of OpenJDK 8 : Alpine JRE 8u362-b09
Mario Torre
neugens at redhat.com
Fri Feb 17 10:47:06 UTC 2023
Hi Prakhar,
That's probably the wrong place to ask since there's no official
OpenJDK Docker image done by the OpenJDK project.
Cheers,
Mario
On Fri, Feb 17, 2023 at 11:45 AM Prakhar Makhija <matcdac at gmail.com> wrote:
>
> Hi Team
>
>
> The Critical Vulnerability is because of BusyBox version 1.33.1
>
> Request you to trigger a new build with an upgraded version of BusyBox 1.33.2 or higher
>
>
> Kindly refer the below link to know more about the issue
>
> https://nvd.nist.gov/vuln/detail/CVE-2021-42377
>
>
> Best Wishes & Regards
> Prakhar Makhija
>
--
Mario Torre
Manager, Software Engineering, OpenJDK
9704 A60C B4BE A8B8 0F30 9205 5D7E 4952 3F65 7898
Red Hat GmbH, Registered seat: Werner von Siemens Ring 12, D-85630
Grasbrunn, Germany
Commercial register: Amtsgericht Muenchen/Munich, HRB 153243,
Managing Directors: Ryan Barnhart, Charles Cachera, Michael O'Neill, Amy Ross
More information about the jdk8u-dev
mailing list