To answer your questions:
1) yes, see https://issues.apache.org/jira/browse/FLINK-23221
2) Once an upstream image with the fix was released we will try to
release new images ASAP.
3) No, there's nothing to do on the Flink side.
4) No, we only have the debian-based images.
On 02/08/2021 16:40,
Hi Daniel,
sorry for the late reply and thanks for the report. We'll look into this
and get back to you.
Cheers,
Konstantin
On Tue, Jun 15, 2021 at 4:33 AM Daniel Moore
wrote:
> Hello All,
>
> We have been implementing a solution using the Flink image from
>
Hello All,
We have been implementing a solution using the Flink image from
https://github.com/apache/flink-docker/blob/master/1.13/scala_2.12-java11-debian/Dockerfile
and it got flagged by our image repository for 3 major security
vulnerabilities:
CVE-2017-8804
CVE-2019-25013
CVE-2021-33574