Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Can we update the base image version to the latest version without lots of CVEs? #31997

Open
1 task done
weiZhenkun opened this issue Apr 8, 2024 · 8 comments
Open
1 task done

[Bug]: Can we update the base image version to the latest version without lots of CVEs? #31997

weiZhenkun opened this issue Apr 8, 2024 · 8 comments
Assignees
@LoveEachDay
Labels
kind/bug Issues or changes related a bug triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@weiZhenkun
Copy link

weiZhenkun commented Apr 8, 2024
edited

Is there an existing issue for this?

  • I have searched the existing issues

https://github.com/milvus-io/milvus/blob/master/build/docker/milvus/ubuntu20.04/Dockerfile#L12

why we keep the version in the 20220426 and not update to the latest for 8 months?
can we update ubuntu:focal-20220426 to ubuntu:focal or the latest version?

https://github.com/milvus-io/milvus/blob/master/build/docker/milvus/amazonlinux2023/Dockerfile#L12
for amazonlinux:2023, we are use it without date, but for ubuntu,we are use it with date?
@weiZhenkun weiZhenkun added kind/bug Issues or changes related a bug needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Apr 8, 2024
@weiZhenkun weiZhenkun changed the title [Bug]: Can we update the base image version: [Bug]: Can we update the base image version to the latest version with lots of CVEs? Apr 8, 2024
@weiZhenkun weiZhenkun changed the title [Bug]: Can we update the base image version to the latest version with lots of CVEs? [Bug]: Can we update the base image version to the latest version without lots of CVEs? Apr 8, 2024
@xiaofan-luan
Copy link
Contributor

is there a special reason we need to update it?

@weiZhenkun
Copy link
Author

weiZhenkun commented Apr 8, 2024
edited

when you keep the version in a fixed version, it will bring lots of CVEs.

For https://github.com/milvus-io/milvus/blob/master/build/docker/milvus/amazonlinux2023/Dockerfile#L12, you are using a big version, but for ubuntu, you are using the fixed verson. It does not make sence.

@weiZhenkun
Copy link
Author

image

@LoveEachDay
Copy link
Contributor

@weiZhenkun We're making sure there is no critical cve vulnerabilities.

@yanliang567
Copy link
Contributor

/assign @LoveEachDay
/unassign

@yanliang567 yanliang567 added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Apr 10, 2024
@weiZhenkun
Copy link
Author

weiZhenkun commented Apr 16, 2024
edited

@weiZhenkun We're making sure there is no critical cve vulnerabilities.

@LoveEachDay any update?

@weiZhenkun weiZhenkun mentioned this issue May 15, 2024
Open
@stale Stale
Copy link

stale bot commented May 18, 2024

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Rotten issues close after 30d of inactivity. Reopen the issue with /reopen.

@stale stale bot added the stale indicates no udpates for 30 days label May 18, 2024
@yanliang567
Copy link
Contributor

keep it

@stale stale bot removed the stale indicates no udpates for 30 days label May 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LoveEachDay LoveEachDay

Labels
kind/bug Issues or changes related a bug triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@LoveEachDay @weiZhenkun @yanliang567 @xiaofan-luan