New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Looking for open-vm-tools security update - CVE-2022-31676 for burmilla/os-openvmtools docker image #143
Comments
It is a bit hard imagine real world scenario where BurmillaOS would be affected by that CVE. You would need to have:
However, feel free to open pull request if you see this critical. It basically would need update this to later version https://github.com/burmilla/os-services/blob/master/o/open-vm-tools.yml#L2 , same version to be updated in here https://github.com/burmilla/os-services/blob/master/images/10-openvmtools/Dockerfile#L38 and potentially update some other libraries because of switch from 11.x to 12.x. |
Do I have permission to create branch and open PR. What is the process to get it in case required. |
Fix included on burmilla/os-services@90ba9e3 but it will go to next (1.9.6) BurmillaOS version so I need to check what else need to be updated. We are already behind of couple of Docker versions and looks that there will be new one quite soon after moby/moby#44593 and moby/moby#44597 merged. |
Thank you very much Olli Janatuinen. I appreciate your help so much. |
Included to just released v1.9.6 version: |
BurmillaOS Version: v1.9.2
Where are you running BurmillaOS? As Virtual appliance
Do you use some service(s) which are not enabled by default : open-vm-tools
Looking for open-vm-tools security update - CVE-2022-31676 for burmilla/os-openvmtools docker image . when the latest image will be available?
https://hub.docker.com/r/burmilla/os-openvmtools
The text was updated successfully, but these errors were encountered: