[jira] [Updated] (GUACAMOLE-563) Tomcat Version is not the same at pushed image on the Docker Hub

Sun, 06 May 2018 06:58:37 -0700 

     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-563?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Keivn Schley updated GUACAMOLE-563:
-----------------------------------
    Description: 
Currently the Dockerfile is not the same at Docker Hub and the Github Repo: 
[https://github.com/apache/guacamole-client/blob/fed51332952a23c5e9a5ddab38ded23f092299b8/Dockerfile#L27]
 ARG TOMCAT_VERSION=8.5

The Docker Tag "latest" and "0.9.14" use an "Apache Tomcat/8.0.20" 
[https://hub.docker.com/r/guacamole/guacamole/|https://hub.docker.com/r/guacamole/guacamole/this]

this version have a Lots of Security Vulnerabilities:
 
[https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-887/version_id-190754/Apache-Tomcat-8.0.20.html]

  was:
Currently the Dockerfile is not the same at Docker Hub and the Github Repo: 
[https://github.com/apache/guacamole-client/blob/fed51332952a23c5e9a5ddab38ded23f092299b8/Dockerfile#L27]
 ARG TOMCAT_VERSION=8.5

The Docker Tag "latest" and "0.9.14" use an "Apache Tomcat/8.0.20" 
https://hub.docker.com/r/guacamole/guacamole/this version have a Lots of 
Security Vulnerabilities:
 
[https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-887/version_id-190754/Apache-Tomcat-8.0.20.html]


> Tomcat Version is not the same at pushed image on the Docker Hub
> ----------------------------------------------------------------
>
>                 Key: GUACAMOLE-563
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-563
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-client
>    Affects Versions: 0.9.14
>         Environment: Docker Container 
>            Reporter: Keivn Schley
>            Priority: Critical
>              Labels: security-issue
>
> Currently the Dockerfile is not the same at Docker Hub and the Github Repo: 
> [https://github.com/apache/guacamole-client/blob/fed51332952a23c5e9a5ddab38ded23f092299b8/Dockerfile#L27]
>  ARG TOMCAT_VERSION=8.5
> The Docker Tag "latest" and "0.9.14" use an "Apache Tomcat/8.0.20" 
> [https://hub.docker.com/r/guacamole/guacamole/|https://hub.docker.com/r/guacamole/guacamole/this]
> this version have a Lots of Security Vulnerabilities:
>  
> [https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-887/version_id-190754/Apache-Tomcat-8.0.20.html]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to