[
https://issues.apache.org/jira/browse/SOLR-16523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ritchie Gu updated SOLR-16523:
------------------------------
Description:
I noticed that as part of the process, it's installing gosu and few other
packages
[https://github.com/apache/solr-docker/blob/main/8.11-slim/Dockerfile#L20,]
The version of gosu gets installed is a bit of old, and do you have any plan to
install newer version gosu in?
CVE-2022-27664
https://nvd.nist.gov/vuln/detail/CVE-2022-27664
was:
I noticed that as part of the process, it's installing gosu and few other
packages
[https://github.com/apache/solr-docker/blob/main/8.11-slim/Dockerfile#L20,]
The version of gosu gets installed is a bit of old, and do you have any plan to
install newer version gosu in?
> gosu, jattach binary version
> ----------------------------
>
> Key: SOLR-16523
> URL: https://issues.apache.org/jira/browse/SOLR-16523
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Docker
> Affects Versions: 8.11.2
> Reporter: Ritchie Gu
> Assignee: Jan Høydahl
> Priority: Major
>
> I noticed that as part of the process, it's installing gosu and few other
> packages
> [https://github.com/apache/solr-docker/blob/main/8.11-slim/Dockerfile#L20,]
> The version of gosu gets installed is a bit of old, and do you have any plan
> to install newer version gosu in?
>
> CVE-2022-27664
> https://nvd.nist.gov/vuln/detail/CVE-2022-27664
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
