update glibc package in distroless


I am using a multi-stage Docker build for distroless and using "gcr.io/distroless/java:8" for my container, but the package versions installed by gcr.io/distroless/java:8 have several security issues, such as glibc 2.31 (https://nvd.nist.gov/vuln/detail/CVE-2020-1752). How can I update the versions of packages inside the distroless image?

```dockerfile
# Build stage
FROM openjdk:8 AS build
WORKDIR /app
RUN apt-get update
RUN apt-get upgrade libexpat1-dev libexpat1 openssl unzip -y

# Runtime stage
FROM gcr.io/distroless/java:8-debug
COPY --from=build /app /app
WORKDIR /app
CMD ["java commands"]
```


There is 1 answer

aironman On

Distroless means that you don't have bash or apt to update the container, so you should use another distroless version that has these security flaws fixed. Create new images, test them, upload them to the registry, update the deployment yaml files, and start over.
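
Why the Dockerfile in the question leaves the distroless packages unchanged, as an added example that is not part of the original question or answer: only the final stage's base image plus the paths named in `COPY --from` reach the shipped image, so an `apt-get upgrade` in an earlier stage is discarded. The function names and the simplified instruction parsing are assumptions of this sketch.

```python
import re

# The Dockerfile from the question, embedded so the check runs offline.
QUESTION_DOCKERFILE = """\
FROM openjdk:8 AS build
WORKDIR /app
RUN apt-get update
RUN apt-get upgrade libexpat1-dev libexpat1 openssl unzip -y
FROM gcr.io/distroless/java:8-debug
COPY --from=build /app /app
WORKDIR /app
CMD ["java commands"]
"""

FROM_RE = re.compile(r"^FROM\s+(\S+)(?:\s+AS\s+(\S+))?", re.I)
UPGRADE_RE = re.compile(r"^RUN\s.*\bapt(?:-get)?\s+(?:-\S+\s+)*(?:dist-|full-)?upgrade\b", re.I)
COPY_FROM_RE = re.compile(r"^COPY\s+.*?--from=(\S+)\s+(\S+)", re.I)

def parse_stages(text):
    """Split a Dockerfile into stages: base image, alias (or index), instructions."""
    stages = []
    for line in text.replace("\\\n", " ").splitlines():  # join continuation lines
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = FROM_RE.match(line)
        if m:
            stages.append({"base": m.group(1), "name": m.group(2) or str(len(stages)), "lines": []})
        elif stages:
            stages[-1]["lines"].append(line)
    return stages

def audit(text):
    """Report what the final image is built from and which upgrades never reach it."""
    stages = parse_stages(text)
    final = stages[-1]
    copied = [m.groups() for m in map(COPY_FROM_RE.match, final["lines"]) if m]
    findings = [
        f"stage '{st['name']}': '{line}' has no effect on the final image"
        for st in stages[:-1] for line in st["lines"] if UPGRADE_RE.match(line)
    ]
    return {"final_base": final["base"], "copied": copied, "findings": findings}

if __name__ == "__main__":
    report = audit(QUESTION_DOCKERFILE)
    print("final image packages come from:", report["final_base"])
    print("paths carried over from earlier stages:", report["copied"])
    for finding in report["findings"]:
        print("WARNING:", finding)
```

For the question's Dockerfile the report shows that glibc and the other system packages come from `gcr.io/distroless/java:8-debug` alone, which is why the fix is a rebuilt image on a patched base rather than an upgrade step.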