[FOLIO-3682] Rebuild folioci/alpine-jre-openjdk11 and folioci/alpine-jre-openjdk17 Created: 05/Jan/23  Updated: 03/Mar/23  Resolved: 03/Mar/23

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: TBD
Reporter: David Crossley Assignee: David Crossley
Resolution: Done Votes: 0
Labels: security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Sprint: DevOps Sprint 159, DevOps Sprint 160
Development Team: FOLIO DevOps
RCA Group: Related dependency upgrade

 Description   

These are the base Docker containers to support Java-based back-end FOLIO modules.

Rebuild folio-tools/folio-java-docker/openjdk11 and folio-tools/folio-java-docker/openjdk17

folioci/alpine-jre-openjdk11:latest = 1.3.9 and folioci/alpine-jre-openjdk17:latest = 2.0.6 ship with the OpenSSL libraries libcrypto3 3.0.7-r2 and libssl3 3.0.7-r2, example for 11 and libssl3:

docker run --rm -it --entrypoint /sbin/apk folioci/alpine-jre-openjdk11:latest list libssl3
libssl3-3.0.7-r2 x86_64 {openssl} (Apache-2.0) [installed]

They have these OpenSSL vulnerabilities:

As the Dockerfile already contains "apk upgrade" a rebuild of the container will automatically upgrade libssl3 and librcypto3 to the fixed version 3.0.8-r0.



 Comments   
Comment by David Crossley [ 03/Mar/23 ]

Built on jenkins host and pushed as "alpine-jre-openjdk17:2.0.7" and "latest".
Built on jenkins host and pushed as "alpine-jre-openjdk11:1.3.10" and "latest".

Generated at Thu Feb 08 23:29:55 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.