[MODCITEM-2] Run apk upgrade in Dockerfile to fix security vulnerabilities Created: 21/Sep/23 Updated: 22/Sep/23 Resolved: 22/Sep/23 |
|
| Status: | Closed |
| Project: | mod-circulation-item |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | TBD |
| Reporter: | Julian Ladisch | Assignee: | Gurleen Kaur1 |
| Resolution: | Done | Votes: | 0 |
| Labels: | back-end, security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Sprint: | Volaris Sprint 174 |
| Development Team: | Volaris |
| RCA Group: | Related dependency upgrade |
| Description |
|
Install latest patch versions of packages: https://pythonspeed.com/articles/security-updates-in-docker/ If not running apk upgrade mod-circulation-item may ship with vulnerable Alpine packages even when fixed packages are available. |