[
https://issues.apache.org/jira/browse/SOLR-16523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17641917#comment-17641917
]
Jan Høydahl commented on SOLR-16523:
------------------------------------
I see that Ubuntu maintainers patched gosu this october to rebuild from golang
1.7 to 1.13:
[http://changelogs.ubuntu.com/changelogs/pool/universe/g/gosu/gosu_1.10-1ubuntu0.20.04.2/changelog]
Also, Ubuntu does their own CVE patching of [golang
itself|https://packages.ubuntu.com/focal/golang-1.13], see
[http://changelogs.ubuntu.com/changelogs/pool/main/g/golang-1.13/golang-1.13_1.13.8-1ubuntu1.1/changelog]
- latest patch update of golang 1.13 was November 9th. Solr's docker images
are eventually re-built to catch such fixes.
> gosu binary version
> -------------------
>
> Key: SOLR-16523
> URL: https://issues.apache.org/jira/browse/SOLR-16523
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Docker
> Affects Versions: 8.11.2
> Reporter: Ritchie Gu
> Assignee: Jan Høydahl
> Priority: Major
>
> I noticed that as part of the process, it's installing gosu and few other
> packages
> [https://github.com/apache/solr-docker/blob/main/8.11-slim/Dockerfile#L20,]
> The version of gosu gets installed is a bit of old, and do you have any plan
> to install newer version gosu in?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
