Thanks for the quick replies. So, once this was merged, did the 1.32.1 image tag of the BusyBox docker image get rebuilt with it? From what I can tell, this is the image tag that gets pulled when the "latest" tag is used.
Is there any way I can validate that the latest image has the fix? I'm able to pull the latest image and run it with "docker run -it --rm busybox" but then I'm not sure how I would validate that the container actually contains the fix. I'm trying to determine whether Prisma Cloud is raising a false positive and the fix is actually in the container I'm using or whether there's still an actual concern about CVE-2021-28831 in what I am using. External email from: [email protected] >>>>> "Christophe" == Christophe Leroy <[email protected]> writes: Hi, > As far as I can see, that commit is in 1_32_stable > See > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgit.busybox.net%2Fbusybox%2Fcommit%2F%3Fh%3D1_32_stable&data=04%7C01%7Ctmousaw%40ptc.com%7Cc3676534ea974ceee8fe08d90a44d5bb%7Cb9921086ff774d0d828acb3381f678e2%7C0%7C1%7C637552113028448881%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=fXqVqSCteeOvr5EZhpxffENcBnQym1mmNo7mWFzd1Og%3D&reserved=0 But strangely enough not in 1_33_stable. -- Bye, Peter Korsgaard _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
