Update amazoncorretto documentation regarding base images

David Alvarez 4 years ago
parent
commit
9a371dd03a
1 changed file with 12 additions and 0 deletions
+ 12 - 0
amazoncorretto/content.md

@@ -27,3 +27,15 @@ Amazon will provide security updates for Corretto 8 until at least June 2023. Up
 ### Can I use Corretto as a drop-in replacement for other JDKs?
 
 Corretto is designed as a drop-in replacement for all Java SE distributions unless you are using features (e.g., Java Flight Recorder) not available in OpenJDK. Once Corretto binaries are installed on a host and correctly invoked to run your Java applications (e.g., using the alternatives command on Linux), existing command-line options, tuning parameters, monitoring, and anything else in place will continue to work as before.
+
+### Why does security scanner show that a docker image has a CVE?
+
+If a security scanner reports that an amazoncorretto image includes a CVE, the first recommended action is to pull an updated version of this image.
+
+If no updated image is available, run the appropriate command to update packages for the platform, ie. run "apk -U upgrade" for Alpine or "yum update -y --security" for AmazonLinux in your Dockerfiles or systems to resolve the issue immediately.
+
+If no updated package is available, please treat this as a potential security issue and follow [these instructions](https://aws.amazon.com/security/vulnerability-reporting/) or email AWS security directly at [[email protected]](mailto:[email protected]).
+
+It is the responsibility of the base docker image supplier to provide timely security updates to images and packages. The amazoncorretto images are automatically rebuilt when a new base image is made available, but we do not make changes to our Dockerfiles to pull in one-off package updates. If a new base image has not yet been made generally available by a base docker image maintainer, please contact that maintainer to request that the issue be addressed.
+
+Note that there are multiple reasons why a CVE may appear to be present in a docker image, as explained in the [docker library FAQs](https://github.com/docker-library/faq/tree/73f10b0daf2fb8e7b38efaccc0e90b3510919d51#why-does-my-security-scanner-show-that-an-image-has-cves).
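
Review bot: In the "If no updated image is available" paragraph, the two commands are written in plain double quotes and introduced with "ie.", so they are easy to mis-copy and the abbreviation is wrong for a list of examples. Since this file is Markdown, put them in inline code (`apk -U upgrade`, `yum update -y --security`) and use "e.g.,". The two commands also differ in scope as written: the yum form is restricted to security updates by `--security`, while the apk form upgrades every package, so the text should say whether that difference is intended. Smaller points: the new heading is missing an article ("Why does a security scanner show ..."), and the docker library FAQ link in the last paragraph is pinned to a specific commit hash, so it will keep pointing at that snapshot rather than the current FAQ; link to the default branch if the current text is what readers should see.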