<div dir="ltr"><div class="gmail_default" style="font-family:comic sans ms,sans-serif">Hello Team,</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif">Any updates on this ??</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Mar 18, 2020 at 1:35 PM Abhinay Purty <<a href="mailto:apurty@redhat.com">apurty@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:"comic sans ms",sans-serif">Hello Team,</div><div class="gmail_default" style="font-family:"comic sans ms",sans-serif"><br></div><div class="gmail_default" style="font-family:"comic sans ms",sans-serif">IHAC with a few queries.</div><div class="gmail_default" style="font-family:"comic sans ms",sans-serif"><br></div><div class="gmail_default" style="font-family:"comic sans ms",sans-serif"><pre style="box-sizing:border-box;overflow:auto;font-size:12px;padding:0px;margin-top:0px;margin-bottom:0px;line-height:1.66667;color:rgb(40,45,51);word-break:normal;background:none;border:none;border-radius:1px;white-space:pre-wrap"><span style="box-sizing:border-box">1. Does the following images contain the security fixes that is mentioned in '<a href="https://nodejs.org/en/blog/vulnerability/february-2020-security-releases" target="_blank">https://nodejs.org/en/blog/vulnerability/february-2020-security-releases</a>'<br>(CVE-2019-15604, CVE-2019-15605, CVE-2019-15606)?<br>[*] <a href="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/nodejs-12" target="_blank">https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/nodejs-12</a><br>[*] <a href="https://access.redhat.com/containers/#/registry.access.redhat.com/rhel8/nodejs-12" target="_blank">https://access.redhat.com/containers/#/registry.access.redhat.com/rhel8/nodejs-12</a><br>If I understand correctly, the latest version of those images are built before security fixes CVE-2019-15604[1], CVE-2019-15605[2], CVE-2019-15606[3] were released.<br><br>[1] <a href="https://access.redhat.com/security/cve/CVE-2019-15604" target="_blank">https://access.redhat.com/security/cve/CVE-2019-15604</a><br>[2] <a href="https://access.redhat.com/security/cve/CVE-2019-15605" target="_blank">https://access.redhat.com/security/cve/CVE-2019-15605</a><br>[3] <a href="https://access.redhat.com/security/cve/CVE-2019-15606" target="_blank">https://access.redhat.com/security/cve/CVE-2019-15606</a><br><br>2.  Is there any  plans to release ubi8/nodejs-12 and rhel8/nodejs-12 s2i builder images that would include current LTS version of nodejs (12.16.1)? <br><br>3. Does the ubi8/nodejs-12 and rhel8/nodejs-12 have vanilla installation of the nodejs runtime? Or is the nodejs runtime in those images Red Hat's own implementation of the nodejs runtime ?<br></span></pre><pre style="box-sizing:border-box;overflow:auto;font-size:12px;padding:0px;margin-top:0px;margin-bottom:0px;line-height:1.66667;color:rgb(40,45,51);word-break:normal;background:none;border:none;border-radius:1px;white-space:pre-wrap"><span style="box-sizing:border-box"><br></span></pre></div>-- <br><div dir="ltr"><div dir="ltr"><div>Regards,<br></div>

        <p style="font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:capitalize;font-family:RedHatText,sans-serif">Abhinay Purty<br></p>
        
        <p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"></p><p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"><span style="font-family:Arial,Helvetica,sans-serif;font-size:small;text-transform:none">Associate Technical Support Engineer</span></p><p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"><a href="https://www.redhat.com" style="color:rgb(0,136,206);margin:0px" target="_blank">Red Hat India Pvt. Ltd.</a><br></p>
    <div style="margin-bottom:4px">
      
      
    </div>
    <p style="margin:0px;font-size:12px;font-family:RedHatText,sans-serif">
      
      
      
    </p>
    
    

    
      
        
          <a href="https://red.ht/sig" target="_blank"> <img src="https://static.redhat.com/libs/redhat/brand-assets/latest/corp/logo.png" width="90" height="auto"></a></div></div></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>Regards,<br></div>

        <p style="font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:capitalize;font-family:RedHatText,sans-serif">Abhinay Purty<br></p>
        
        <p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"></p><p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"><span style="font-family:Arial,Helvetica,sans-serif;font-size:small;text-transform:none">Associate Technical Support Engineer</span></p><p style="font-size:12px;margin:0px;text-transform:capitalize;font-family:RedHatText,sans-serif"><a href="https://www.redhat.com" style="color:rgb(0,136,206);margin:0px" target="_blank">Red Hat India Pvt. Ltd.</a><br></p>
    <div style="margin-bottom:4px">
      
      
    </div>
    <p style="margin:0px;font-size:12px;font-family:RedHatText,sans-serif">
      
      
      
    </p>
    
    

    
      
        
          <a href="https://red.ht/sig" target="_blank"> <img src="https://static.redhat.com/libs/redhat/brand-assets/latest/corp/logo.png" width="90" height="auto"></a></div></div>