1. Does the following images contain the security fixes that is mentioned in 'https://nodejs.org/en/blog/vulnerability/february-2020-security-releases'(CVE-2019-15604, CVE-2019-15605, CVE-2019-15606)?[*] https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/nodejs-12[*] https://access.redhat.com/containers/#/registry.access.redhat.com/rhel8/nodejs-12If I understand correctly, the latest version of those images are built before security fixes CVE-2019-15604, CVE-2019-15605, CVE-2019-15606 were released. https://access.redhat.com/security/cve/CVE-2019-15604 https://access.redhat.com/security/cve/CVE-2019-15605 https://access.redhat.com/security/cve/CVE-2019-156062. Is there any plans to release ubi8/nodejs-12 and rhel8/nodejs-12 s2i builder images that would include current LTS version of nodejs (12.16.1)? 3. Does the ubi8/nodejs-12 and rhel8/nodejs-12 have vanilla installation of the nodejs runtime? Or is the nodejs runtime in those images Red Hat's own implementation of the nodejs runtime ?
Associate Technical Support Engineer
Red Hat India Pvt. Ltd.