|
|
|
|
|
|
by mschuster91
3262 days ago
|
|
|
> so if you rebuilt a docker image based off Alpine you'd have gotten the security update like you described. Only if I directly base off my image from Alpine. All images that base off something that either directly bases off Alpine (or worse, with more intermediaries) have a problem as ALL images in the chain must be rebuilt. That is the core problem. |
|
|
I always build my images directly off Alpine anyway, or a base image that I control.
(In this case though, the security fix is for the apk-tools package and not the distro itself, so as long as you have apk update+upgrade in your final build, whether the intermediate images are rebuilt doesn't matter.)