Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker - Security problem using an older version of Tomcat (v 9.0.65) #10476

Open
Jean-arthis opened this issue Jul 15, 2024 · 0 comments · May be fixed by #10682
Open

Docker - Security problem using an older version of Tomcat (v 9.0.65) #10476

Jean-arthis opened this issue Jul 15, 2024 · 0 comments · May be fixed by #10682

Comments

@Jean-arthis
Copy link

Jean-arthis commented Jul 15, 2024
edited
Loading

MapStore2/Dockerfile

Line 1 in 05de4ba

FROM tomcat:9-jdk11-openjdk AS mother

The MapStore docker image is based on a Tomcat docker image named "tomcat:9-jdk11-openjdk" (https://hub.docker.com/layers/library/tomcat/9-jdk11-openjdk/images/sha256-5a5d1f2d1f71618995c96f55b3939773fa33700bc7601328032512a49e7dffee?context=explore).
This image uses Tomcat version 9.0.65 and is 2 years old. It is affected by 12 critical and 32 severe vulnerabilities.
For security reasons, an upgrade to a more recent version of Tomcat would resolve several vulnerabilities.
kaplanlior added a commit to kaplanlior/MapStore2 that referenced this issue Nov 17, 2024
@kaplanlior
Update tomcat base image
016839a 
Solve many security warning on external components. Fixes geosolutions-it#10476
@kaplanlior kaplanlior linked a pull request Nov 17, 2024 that will close this issue
Open
4 tasks
kaplanlior added a commit to kaplanlior/MapStore2 that referenced this issue Nov 17, 2024
@kaplanlior
Update tomcat base image
2285c39 
Solve many security warning on external components. Fixes geosolutions-it#10476
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update tomcat base image kaplanlior/MapStore2
1 participant
@Jean-arthis