close

Filter

loading table of contents...

Release Notes / Version 11.2301

Table Of Contents

Switching to Rolling Tags for Docker Base Images

CoreMedia base images are based on official Docker Hub images. These official images are regularly affected by security vulnerabilities - some more, some less. This is one reason why we are publishing our images independently from the Blueprint on Docker Hub. You can upgrade to a new version without having to wait for a new CMCC release.

Because creating a secure product is a high priority for us, we will go one step further. We increase the update frequency of the CoreMedia Base Images and we switch to rolling tags with the CMCC 11.2210.1 AEP release. Rolling Tags are a common strategy in Open Source and commercial products to deal with the moving target of security vulnerabilities in operating systems and the included 3rd party libraries.

As such the following images are now referenced in the Blueprint by means of their rolling tags:

The rolling tags include the updated versions:

  • Release 11.0.16 of the respective JDKs

  • NGINX 1.23.1-alpine

Among others, the updates fix: CVE-2022-34169 CVE-2022-32207 CVE-2022-28391 CVE-2022-27404 CVE-2022-28391 CVE-2022-1586 CVE-2022-1587

For more information on the rolling tags read this article in the Security section of our Knowledge Base.

(CMS-21849)

Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.