Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-5942

Add additonal Tag for critical third-party-vulnerabilities

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Docker

    Description

      If vulnerabilities (CVE---) exists in the base (FROM Keyword in the dockerfile)
      which was fixed from vendor.

      The images on MariaDB side will be updated , but customer will not get the fixed image.

      Main reason is, that the Tag was not changed, because the vulnerabilities are not in MariaDB
      applications, so certainly the versionsnumber not changed, so also the Tag was not changed.

      So the idea is to add a sort of number for build image version, so an automatic update can be established , if a new build of a MariaDB docker image exists for the same Maxscale version.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. MDEV-37550 Add additonal Tag for critical third-party-vulnerabilities

          • Major - Major loss of function.
          • Needs Feedback

          Activity

            People

              esa.korhonen Esa Korhonen
              Richard Richard Stracke
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.