Skip to content

Commit

Permalink
Rebuild to address the xz backdoor/security issue + switch to Arch's …
Browse files Browse the repository at this point in the history 
…DockerHub repository (#48)

About the xz matter:
https://www.openwall.com/lists/oss-security/2024/03/29/4
https://archlinux.org/news/the-xz-package-has-been-backdoored/
https://security.archlinux.org/ASA-202403-1

Arch Linux container images are built daily on Arch's DockerHub repository (compared to being built weekly on the official DockerHub library).
Switching to a daily updated source allows to act faster on such eventual issue (as, for instance, the "latest" Arch image on the official DockerHub library currently is 14 days old, and do not contain the fix yet).
  • Loading branch information
@Antiz96
Antiz96 committed Mar 30, 2024
1 parent 5693c85 commit 0d544cc
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the container from the Arch Linux base image
FROM archlinux:base-20240101.0.204074
FROM archlinux/archlinux:base-20240330.0.225642

# Basic info
LABEL maintainer="Robin Candau <robincandau@protonmail.com>"
Expand Down

0 comments on commit 0d544cc

Please sign in to comment.