Re: Reminder: Help required to fix security vulnerabilities in Flink Docker image

2024-07-02 Thread elakiya udhayanan
Hi Alexis and Gabor,
Thanks for your valuable suggestions. We tried implementing as per the suggestion given, updating the GOSE_VERSION to 1.17 and a few other changes from our end and we see that all the jfrog x-ray vulnerabilities are fixed. Thanks for your support and help.
Thanks,
Elakiya

Re: Reminder: Help required to fix security vulnerabilities in Flink Docker image

2024-06-23 Thread elakiya udhayanan
Hi Alexis and Gabor,
Thanks for your valuable response and suggestions. Will try to work on the suggestions and get back to you if we require more details.
Thanks,
Elakiya
On Sun, Jun 23, 2024 at 10:12 PM Gabor Somogyi wrote:
> Hi Elakiya,
>
> I've just double checked the story and seems like

Re: Reminder: Help required to fix security vulnerabilities in Flink Docker image

2024-06-23 Thread Gabor Somogyi
Hi Elakiya,
I've just double checked the story and seems like the latest 1.17 gosu release is not vulnerable. Can you please try it out on your side? Alexis has written down how you can bump the docker version locally:
---CUT-HERE---
ENV GOSU_VERSION 1.17
---CUT-HERE---
Please report back and

Re: Reminder: Help required to fix security vulnerabilities in Flink Docker image

2024-06-21 Thread Alexis Sarda-Espinosa
Hi Elakiya,
just to be clear, I'm not a Flink maintainer, but here are my 2 cents. I imagine the issues related to Go come from 'gosu', which is installed in the official Flink Docker images. You can see [1] for some thoughts from the gosu maintainer regarding CVEs (and the md file he links).

Reminder: Help required to fix security vulnerabilities in Flink Docker image

2024-06-21 Thread elakiya udhayanan
Hi Team,
I would like to remind about the request for the help required to fix the vulnerabilities seen in the Flink Docker image. Any help is appreciated. Thanks in advance.
Thanks,
Elakiya U
On Tue, Jun 18, 2024 at 12:51 PM elakiya udhayanan wrote:
> Hi Community,
>
> In one of our

Help required to fix security vulnerabilities in Flink Docker image

2024-06-18 Thread elakiya udhayanan
Hi Community,
In one of our applications we are using a Flink Docker image and running Flink as a Kubernetes pod. As per policy, we tried scanning the Docker image for security vulnerabilities using JFrog XRay and we find that there are multiple critical vulnerabilities being reported as seen in