[CentOS] Official Docker images and security updates
Giovanni Tirloni
gpt at gtirloni.comWed May 11 23:25:16 UTC 2016
- Previous message: [CentOS] Cannot figure out what this segfault message means. Please help!
- Next message: [CentOS] Suggestions for Config Management Tool
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello, It seems the official Docker images are missing some important security updates [1][2]. Does anyone have any insight in how these packages get built and when? Their Dockerfile seems to come from here: https://github.com/docker-library/official-images/blob/master/library/centos (commit for "latest" says "update CentOS-7 - 20160331 - monthly build"). In the official Docker documentation [2] they suggest not running `apt-get upgrade` which I understood as don't run `yum -y upgrade` for CentOS. Any advice on whether it's best practice to always update packages or not? Thank you, Giovanni 1 - http://pastie.org/pastes/10833370/text 2 - https://blog.docker.com/2016/05/docker-security-scanning/ 3 - https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
- Previous message: [CentOS] Cannot figure out what this segfault message means. Please help!
- Next message: [CentOS] Suggestions for Config Management Tool
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list