I am using clair to scan my docker images and I see that there are a lot of High priority bugs flagged for my image python:2.7-stretch which is based off Debian:stretch. Now most of these are fixed in a newer version of stretch (called stretch security). But I do not see a corresponding debian:stretch-security version released in dockerhub. Is there a way to fix these bugs or should one wait for debian to fix them in their base images?
1
There are 1 best solutions below
Related Questions in DOCKER
- Docker, redirecting to virtualbox port
- Collect only from STDERR when using Docker syslog logging driver
- How can I create a docker image from the current system?
- Moving Docker Containers Around
- How can I test with serverspec that Jenkins is running in a jenkins docker container?
- How to deploy django 1.8 on Elastic Beanstalk using Docker
- Emulating `docker run` using the golang docker API
- Where are docker images and containers stored when we use it with Windows?
- docker compose, vagrant and insecure Repository
- Commit data in a mysql container
- oh-my-zsh installation returns non zero code
- Use custom docker binary in CoreOS
- Can I use docker image ubuntu 14.04 if my host is 12.04?
- Hide/obfuscate environmental parameters in docker
- How to add initial users when starting a RabbitMQ Docker container?
Related Questions in DEBIAN
- Python Requests just got very slow, better alternative?
- Getting X Cursor in WebKit GTK2+ widget if run by startx
- How to increase PHP memory_limit in Debian Jessie?
- Unable to install RabbitMQ using puppet due to curl error
- phpinfo() uses old version. What am I missing after "make install"?
- How to make home directory the root with useradd on Debian
- Is Google using Debian and Apache?
- scanbd doesn't work unless I restart it from the command line
- debconf selections for phpmyadmin unattended installation with no webserver installed and no dbconfig-common
- How to run TeamSpeak3 server on boot?
- Install Subversion 1.7 on Debian jessie
- apache proxy doesn't work
- module.js 340 error Cannot find module 'bonescript'
- Rails, Sidekiq and systemd are on a debian 8 ship
- Custon headers not working on php 5.6 - apache 2.4, debian 8 jessie
Related Questions in CLAIR
- Redhat clair could not send notification via notifier
- Configuration to analyse docker-images with paclair for clair from nexus
- Is it possible to 'Security Scan' running docker containers that have been deployed to k8s?
- GitLab: Docker in Docker container can't connect to Service container
- How to communicate with a gitlab service container
- Fix vulnerabilities for Azure ACR
- How can I negate a regular expression?
- Clair scanner shows Unknown Severity for Debian based docker images
- Quay Clair - Could not get an output on scanning the container images
- ClaiR/Rascal: Best way to list public functions?
- Running multiple containers in single fargate task for clair container scanning
- Package Analysis in Docker Image
- Debian docker image bugs
- Match root element of partial AST
- Using clair when POST /v1/layers a request, got 400 response with error: 'could not find layers'
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The solution is to do an 'apt upgrade' inside the container which will pull in the updated packages and any CVE bugs which have a fix available should get updated. This will then leave my image with only bugs for which no fix has been released.