Hello,
It seems the official Docker images are missing some important
security updates [1][2]. Does anyone have any insight in how these
packages get built and when?
Their Dockerfile seems to come from here:
https://github.com/docker-library/official-images/blob/master/library/centos
(commit for "latest" says "update CentOS-7 - 20160331 - monthly
build").
In the official Docker documentation [2] they suggest not running
`apt-get upgrade` which I understood as don't run `yum -y upgrade` for
CentOS. Any advice on whether it's best practice to always update
packages or not?
Thank you,
Giovanni
1 - http://pastie.org/pastes/10833370/text
2 - https://blog.docker.com/2016/05/docker-security-scanning/
3 - https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
