hang chen created ZOOKEEPER-4616: ------------------------------------ Summary: Upgrade docker image to resolve CVEs Key: ZOOKEEPER-4616 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4616 Project: ZooKeeper Issue Type: Improvement Reporter: hang chen
The current docker image `maven:3.6.3-jdk-8` has many critical security issues. maven@3.6.3-jdk-8 › dpkg@1.19.7 has [CVE-2022-1664|https://www.cve.org/CVERecord?id=CVE-2022-1664] maven@3.6.3-jdk-8 › openssl@1.1.1d-0+deb10u6 has [CVE-2021-3711|https://www.cve.org/CVERecord?id=CVE-2021-3711] maven@3.6.3-jdk-8 › gzip@1.9-3 has [CVE-2022-1271|https://www.cve.org/CVERecord?id=CVE-2022-1271] We need to upgrade the docker base image to version `maven:3.8.4-jdk-8` -- This message was sent by Atlassian Jira (v8.20.10#820010)