[scl.org] Queries regarding nodejs 12 image

Abhinay Purty apurty at redhat.com
Thu Mar 19 07:28:42 UTC 2020

Hello Team,

IHAC with a few queries.

1. Does the following images contain the security fixes that is
mentioned in 'https://nodejs.org/en/blog/vulnerability/february-2020-security-releases'
(CVE-2019-15604, CVE-2019-15605, CVE-2019-15606)?
[*] https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/nodejs-12
[*] https://access.redhat.com/containers/#/registry.access.redhat.com/rhel8/nodejs-12
If I understand correctly, the latest version of those images are
built before security fixes CVE-2019-15604[1], CVE-2019-15605[2],
CVE-2019-15606[3] were released.

[1] https://access.redhat.com/security/cve/CVE-2019-15604
[2] https://access.redhat.com/security/cve/CVE-2019-15605
[3] https://access.redhat.com/security/cve/CVE-2019-15606

2.  Is there any  plans to release ubi8/nodejs-12 and rhel8/nodejs-12
s2i builder images that would include current LTS version of nodejs

3. Does the ubi8/nodejs-12 and rhel8/nodejs-12 have vanilla
installation of the nodejs runtime? Or is the nodejs runtime in those
images Red Hat's own implementation of the nodejs runtime ?


Abhinay Purty

Associate Technical Support Engineer

Red Hat India Pvt. Ltd. <https://www.redhat.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/sclorg/attachments/20200319/13b1dee0/attachment.htm>

More information about the SCLorg mailing list