Hi Joan, Thanks for reacting so quickly and fixing it all. It’s really appreciated.
Cheers Garren On Tue, Apr 30, 2019 at 11:47 PM Joan Touzet <woh...@apache.org> wrote: > Hello there, > > You may have read about the recent breach of security at Docker Hub[1]. > > In light of this breach, and in the interest of security for all of our > users, today we have taken the following actions: > > * Reset all passwords and tokens that were in use with Docker Hub. > (Apache CouchDB never published anything to Docker Hub in an > automated fashion, by policy.) > > * Rebuilt and republished all currently supported CouchDB images in use: > > apache/couchdb:2.3.1 (aka "latest") > apache/couchdb:2.3.0 > > * Rebuilt and republished these images, which are no longer supported: > apache/couchdb:1.7.2 > apache/couchdb:1.7.2-couchperuser > > * Removed all tags that are no longer supported or have known security > issues. This includes versions 1.6.*, 1.7.1, 2.0.*, 2.1.*, and 2.2.*. > > While there were no known issues with any of our published images, and > we were not notified that our password hash was potentially leaked, this > action was in the best interest of the project. > > Note that the "official" Docker couchdb image (what you get if you run > `docker pull couchdb` instead of `docker pull apache/couchdb`) is > maintained by Docker staff, not us, and is auto-published using their > infrastructure based on the Dockerfile and scripts we provide. They are > already updating this image on a regular basis. > > -Joan "Move over, Maersk" Touzet > > [1]: https://success.docker.com/article/docker-hub-user-notification > >
