Comments (4)
Yes, I'd be happy to rebuild but I just want to clarify that it is a bit of a non-issue. Also rocker/r-base famously becomes `r-base` (i.e. a core Docker container) and we treat those as immutable.
Maybe with R 4.3.3 coming to end of life a rebuild is fine; on the other hand we are having a bit of trouble right now with testing because of the 64 bit `time_t` transition which may pull more in than we like from `unstable`. Come to think about it that was the case already for the 4.3.3 build so maybe I just rebuild.
Typing from a happy Ubuntu workstation with an updated `xz` etc (as I am surely running `sshd` here...) ...
from rocker.
But I presume you are not running sshd (which is how the exploit was aiming to do damage) in that container? If I do an `apt update -qqq; apt install -y procps` then `ps -aux` shows nothing is running as docker is, after all, by default a single process:
```
root@a90632d4c6ba:/# ps -aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 7216 3840 pts/0 Ss 17:39 0:00 bash
root 236 0.0 0.0 10740 4224 pts/0 R+ 17:41 0:00 ps -aux
root@a90632d4c6ba:/#
```
(The hostname is AFAIK entirely random so no need to obfuscate / hide in the screenshot. Also textual quotes work great here thanks to markdown and code formatting....)
from rocker.
Thanks for the tips, I don't comment on issues often so I appreciate the feedback. Yes, I am not running sshd (and therefore it's not a risk). I was just checking through my containers with different base images and this was the only one with the vulnerability. Seems like you are aware of the issue, thanks for taking the time to respond :).
All my best,
Kevin
from rocker.
I just rebuilt (and pushed) them (for tags 4.3.3 and latest).
It moves packages `xz,liblzma{5,-dev}` from 5.6.0-0.2 to 5.6.1+really5.4.5-1. It should not matter for the container providing R, but it does not hurt and we all sleep better that way.
from rocker.
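A version check for the kind of container scan described in the thread, as an added example that is not part of the thread or the rocker project's own code. It assumes Debian-style version strings as printed by `dpkg-query` and treats upstream xz 5.6.0 and 5.6.1 as the affected releases; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the rocker project. Flags Debian package versions
# whose real upstream xz release is 5.6.0 or 5.6.1 (the releases that shipped
# the backdoor), and treats "5.6.1+really5.4.5-1" as the 5.4.5 it contains.

# Print the upstream version actually packaged in a Debian version string.
effective_upstream() {
    v=$1
    case $v in *:*) v=${v#*:} ;; esac               # drop epoch "N:"
    case $v in *-*) v=${v%-*} ;; esac               # drop Debian revision
    case $v in *+really*) v=${v##*+really} ;; esac  # "X+reallyY" ships Y
    v=${v%%+*}                                      # drop suffixes like +dfsg
    printf '%s\n' "$v"
}

xz_status() {
    case $(effective_upstream "$1") in
        5.6.0|5.6.1) echo affected ;;
        *)           echo ok ;;       # upstream is not one of the two releases
    esac
}

# Read "package version" lines on stdin; return 1 if any xz package is affected.
scan_xz() {
    rc=0
    while read -r pkg ver; do
        case $pkg in xz-utils|liblzma5|liblzma-dev) ;; *) continue ;; esac
        st=$(xz_status "$ver")
        printf '%s %s %s\n' "$pkg" "$ver" "$st"
        [ "$st" = ok ] || rc=1
    done
    return "$rc"
}

# Constructed sample input in the format the dpkg-query call below produces;
# the two xz version strings are the ones quoted in the thread.
SAMPLE='liblzma5 5.6.0-0.2
xz-utils 5.6.1+really5.4.5-1
liblzma-dev 5.6.1+really5.4.5-1
procps 2:4.0.4-4'
printf '%s\n' "$SAMPLE" | scan_xz || true

# Inside a container:
#   dpkg-query -W -f='${Package} ${Version}\n' | scan_xz
```

A plain "is the version at least 5.6.0" comparison would still flag the rebuilt image, because `5.6.1+really5.4.5-1` sorts above 5.6.1 while actually packaging 5.4.5.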