Hi Jim, Jim Knochelmann <jim.knochelm...@ibm.com> writes: > https://access.redhat.com/security/cve/CVE-2020-8277 which shows that > CVE-2020-8277 has not yet been fixed.
If I'm seeing correctly, nodejs:14 is listed there as "Fixed" via RHSA-2021:0551 [1] released on 2021-02-16. The errata mentions an upgrade of Node to 14.15.4, and the container contains version 14.16.1, so it looks to me as fixes already :) [1]: https://access.redhat.com/errata/RHSA-2021:0551 -- Jan Staněk Software Engineer, Red Hat jsta...@redhat.com irc: jstanek
signature.asc
Description: PGP signature
_______________________________________________ SCLorg mailing list SCLorg@redhat.com https://listman.redhat.com/mailman/listinfo/sclorg
