Hello,
It seems the official Docker images are missing some important security updates [1][2]. Does anyone have any insight into how these packages get built and when?
Their Dockerfile seems to come from here: https://github.com/docker-library/official-images/blob/master/library/centos (commit for "latest" says "update CentOS-7 - 20160331 - monthly build").
In the official Docker documentation [2] they suggest not running `apt-get upgrade`, which I understood as "don't run `yum -y upgrade`" for CentOS. Any advice on whether it's best practice to always update packages or not?
Thank you, Giovanni
1 - http://pastie.org/pastes/10833370/text
2 - https://blog.docker.com/2016/05/docker-security-scanning/
3 - https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices...