[scl.org] Fix for the Node.js images
Vaibhav Pagar
vpagar at redhat.com
Thu Jul 2 07:56:35 UTC 2020
Hello,
I am Vaibhav Pagar and I am reaching out to you regarding query about the
container images of Node.js which you are maintaining.
One my customer is using below 2 container images which are affected by the
given CVE's
~~~
1] Image Node.js 10
https://catalog.redhat.com/software/containers/ubi8/nodejs-10/5c839aa3d70cc51dd4c425d9?container-tabs=overview
Affected by two CVE's :-
> CVE-2020-13777 Fixed with >> RHSA-2020:2637 on 2020-06-22
> CVE-2020-11080 Fixed with >> RHSA-2020:2755 on 2020-06-25
Both of the above CVE's are marked as important so their fix will be
released in container images soon as the actual fix for the package is
already released.
2] Image Node.js 12
https://catalog.redhat.com/software/containers/ubi8/nodejs-12/5d3fff015a13461f5fb8635a?container-tabs=security
Affected by two CVE's:-
> CVE-2020-13777 Fixed with >> RHSA-2020:2637 on 2020-06-22
> CVE-2020-11080 Fixed with >> RHSA-2020:2755 on 2020-06-25
~~~
I can see for both the CVE's the fix is already released for the affected
packages, so when can we expect the fix in Node.js container images?
Customers want to get this fix asap as the CVE is marked as important and
they said that it's affecting their deployments.
Can you please let me know any ETA for the fix?
Thank you,
Vaibhav Pagar
TECHNICAL SUPPORT ENGINEER,
Red Hat India Pvt. Ltd. <https://www.redhat.com>
vpagar at redhat.com M: 7588040831
<http://redhatemailsignature-marketing.itos.redhat.com/>
<https://red.ht/sig>
@redhatnews <https://twitter.com/redhatnews> Red Hat
<https://www.linkedin.com/company/red-hat> Red Hat
<https://www.facebook.com/RedHatInc>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/sclorg/attachments/20200702/59ef6297/attachment.htm>
More information about the SCLorg
mailing list