Hello, I am Vaibhav Pagar and I am reaching out to you regarding query about the container images of Node.js which you are maintaining. One my customer is using below 2 container images which are affected by the given CVE's
~~~ 1] Image Node.js 10 https://catalog.redhat.com/software/containers/ubi8/nodejs-10/5c839aa3d70cc51dd4c425d9?container-tabs=overview Affected by two CVE's :- > CVE-2020-13777 Fixed with >> RHSA-2020:2637 on 2020-06-22 > CVE-2020-11080 Fixed with >> RHSA-2020:2755 on 2020-06-25 Both of the above CVE's are marked as important so their fix will be released in container images soon as the actual fix for the package is already released. 2] Image Node.js 12 https://catalog.redhat.com/software/containers/ubi8/nodejs-12/5d3fff015a13461f5fb8635a?container-tabs=security Affected by two CVE's:- > CVE-2020-13777 Fixed with >> RHSA-2020:2637 on 2020-06-22 > CVE-2020-11080 Fixed with >> RHSA-2020:2755 on 2020-06-25 ~~~ I can see for both the CVE's the fix is already released for the affected packages, so when can we expect the fix in Node.js container images? Customers want to get this fix asap as the CVE is marked as important and they said that it's affecting their deployments. Can you please let me know any ETA for the fix? Thank you, Vaibhav Pagar TECHNICAL SUPPORT ENGINEER, Red Hat India Pvt. Ltd. <https://www.redhat.com> vpa...@redhat.com M: 7588040831 <http://redhatemailsignature-marketing.itos.redhat.com/> <https://red.ht/sig> @redhatnews <https://twitter.com/redhatnews> Red Hat <https://www.linkedin.com/company/red-hat> Red Hat <https://www.facebook.com/RedHatInc>
_______________________________________________ SCLorg mailing list SCLorg@redhat.com https://www.redhat.com/mailman/listinfo/sclorg