|
Rebuild and deploy a new version of https://github.com/folio-org/folio-tools/tree/master/folio-java-docker/openjdk11 to upgrade the versions used in folioci/alpine-jre-openjdk11 Docker container. No changes are needed in the Dockerfile.
This upgrades alpine from 3.12 to 3.14 and fixes these security vulnerabilities:
• apk-tools 2.10.5-r1 to 2.12.5-r1 fixing https://nvd.nist.gov/vuln/detail/CVE-2021-30139
• busybox 1.31.1-r16 to 1.33.1-r4 fixing https://nvd.nist.gov/vuln/detail/CVE-2021-28831
• curl 7.69.1-r0 to 7.78.0-r1 fixing CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8285, CVE-2020-8286, CVE-2020-8284, CVE-2021-22876, CVE-2021-22890, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22926: https://curl.se/docs/security.html
• musl 1.1.24-r8 to 1.2.2-r3 fixing https://nvd.nist.gov/vuln/detail/CVE-2020-28928
• openssl 1.1.1g-r0 to 1.1.1k-r0 fixing https://nvd.nist.gov/vuln/detail/CVE-2020-1971 https://nvd.nist.gov/vuln/detail/CVE-2021-23839 https://nvd.nist.gov/vuln/detail/CVE-2021-23840 https://nvd.nist.gov/vuln/detail/CVE-2021-23841 https://nvd.nist.gov/vuln/detail/CVE-2021-3449 https://nvd.nist.gov/vuln/detail/CVE-2021-3450
• p11-kit 0.23.20-r5 to 0.23.22-r0 fixing https://nvd.nist.gov/vuln/detail/CVE-2020-29361 https://nvd.nist.gov/vuln/detail/CVE-2020-29362 https://nvd.nist.gov/vuln/detail/CVE-2020-29363
|