[FOLIO-3682] Rebuild folioci/alpine-jre-openjdk11 and folioci/alpine-jre-openjdk17 Created: 05/Jan/23 Updated: 03/Mar/23 Resolved: 03/Mar/23 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | TBD |
| Reporter: | David Crossley | Assignee: | David Crossley |
| Resolution: | Done | Votes: | 0 |
| Labels: | security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Sprint: | DevOps Sprint 159, DevOps Sprint 160 |
| Development Team: | FOLIO DevOps |
| RCA Group: | Related dependency upgrade |
| Description |
|
These are the base Docker containers to support Java-based back-end FOLIO modules. Rebuild folio-tools/folio-java-docker/openjdk11 and folio-tools/folio-java-docker/openjdk17 folioci/alpine-jre-openjdk11:latest = 1.3.9 and folioci/alpine-jre-openjdk17:latest = 2.0.6 ship with the OpenSSL libraries libcrypto3 3.0.7-r2 and libssl3 3.0.7-r2, example for 11 and libssl3:
docker run --rm -it --entrypoint /sbin/apk folioci/alpine-jre-openjdk11:latest list libssl3
libssl3-3.0.7-r2 x86_64 {openssl} (Apache-2.0) [installed]
They have these OpenSSL vulnerabilities:
As the Dockerfile already contains "apk upgrade" a rebuild of the container will automatically upgrade libssl3 and librcypto3 to the fixed version 3.0.8-r0. |
| Comments |
| Comment by David Crossley [ 03/Mar/23 ] |
|
Built on jenkins host and pushed as "alpine-jre-openjdk17:2.0.7" and "latest". |