Comments (3)
abscondment
commented on July 29, 2024
I took a look at opening a PR to change the stable images to 1.24.0-r7, but updating PKG_RELEASE to 7 caused some unexpected changes that made the rest of the docker build fail. Configuration directories/files seem to have been relocated between these releases, so it seems like it might be a breaking change for many users.
from docker-nginx-unprivileged.
bebosudo
commented on July 29, 2024
Any update on this effort?
from docker-nginx-unprivileged.
alessfg
commented on July 29, 2024
Yep! Although it might not be the one you were looking for. There are no active plans to release patches to specifically address this CVE in the stable branch. The CVE only comes into play in certain NGINX HTTP/2 configurations, and as such we are recommending users tweak their config instead per the instructions here (https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/).
If you want a "patched" version of NGINX (it's more of a system stability update than a "patch"), I would suggest switching from the stable to the mainline branch.
Alternatively, feel free to use the Alpine NGINX package (that's the 1.24.0-r7 package you are seeing as being fixed) instead of the one built by us (which is still at 1.24.0-r1).
from docker-nginx-unprivileged.
Related Issues (20)
- Please add bookworm-stable tag with current stable version based on Debian 12 HOT 5
- Non-container guide HOT 2
- Allow contaiener root user to start nginx process and its workers when used in rootless podman HOT 1
- Publish image to a registry that is not rate-limited HOT 4
- nginx defaults to 8080 even if we tell otherwise HOT 8
- Add `;` in readme for Line 35
- Improve local testing docs
- Does image build include installing security updates? HOT 1
- Add another common issue to the README section
- proxy_bind transparent whithout root user HOT 1
- Clarify how to use the different base image versions. HOT 1
- Alpine 3.19 Upgrade HOT 1
- Stable Perl images using mainline nginx? HOT 1
- Upgrade Base Image of nginxinc/docker-nginx-unprivileged from stable-bullseye to stable-bookworm HOT 6
- Container images pushed to Dockerhub are changing checksums without changing version HOT 3
- nginxplus version HOT 2
- Images with tags fixing alpine versions are missing HOT 2
- Pack and run Vue Application based on nginx-unprivileged in Kubernetes HOT 3
- CVE-2023-50387 in systemd 252.22 in nginxinc/nginx-unprivileged:latest
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-unprivileged.