You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I had a similar issue with the RDF4J container but resolved that with a one-liner change to the Dockerfile to use a different tomcat tag (FROM tomcat:8-jre11 AS wb instead of FROM tomcat:8.5-jre11-temurin AS wb.
I tried the same thing with the Dockerfile for opensilex but noticed that the tomcat version is specified in the Maven pom.xml (as below). In order to update it, I would have to build the entire opensilex application from source, after making the POM change, and then use that built release for the opensilex container.
<tomcat.version>9.0.39</tomcat.version>
The text was updated successfully, but these errors were encountered:
Hi, I've been using the opensilex-docker-compose repo to spin up and run our PHIS instance but it has come up in a scan of Tomcat vulnerabilities: [https://nvd.nist.gov/vuln/detail/CVE-2022-42252](https://nvd.nist.gov/vuln/detail/CVE-2022-42252)
I had a similar issue with the RDF4J container but resolved that with a one-liner change to the Dockerfile to use a different tomcat tag (
FROM tomcat:8-jre11 AS wbinstead ofFROM tomcat:8.5-jre11-temurin AS wb.I tried the same thing with the Dockerfile for opensilex but noticed that the tomcat version is specified in the Maven pom.xml (as below). In order to update it, I would have to build the entire opensilex application from source, after making the POM change, and then use that built release for the opensilex container.
The text was updated successfully, but these errors were encountered: