Giovanni Tirloni
2016-May-11 23:25 UTC
[CentOS] Official Docker images and security updates
Hello, It seems the official Docker images are missing some important security updates [1][2]. Does anyone have any insight in how these packages get built and when? Their Dockerfile seems to come from here: https://github.com/docker-library/official-images/blob/master/library/centos (commit for "latest" says "update CentOS-7 - 20160331 - monthly build"). In the official Docker documentation [2] they suggest not running `apt-get upgrade` which I understood as don't run `yum -y upgrade` for CentOS. Any advice on whether it's best practice to always update packages or not? Thank you, Giovanni 1 - http://pastie.org/pastes/10833370/text 2 - https://blog.docker.com/2016/05/docker-security-scanning/ 3 - https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
Reasonably Related Threads
- Re: Write content to file from Dockerfile and/or any other method
- Update on docker Python:3 and adding R:4.x
- Update on docker Python:3 and adding R:4.x
- Running CentOS 6 in a Docker container on a non-CentOS host
- Issues with Ubuntu 22.04 and Installing the Latest Version of R (R 4.4.1) to Docker Image
Wisdom of the Ancients
