Giter Site home page Giter Site logo

Comments (5)

jperrin avatar jperrin commented on August 27, 2024

No worries about the wrong place. We actually stopped doing minor point releases, because people largely don't update. People were building containers that came with heartbleed and other vulnerabilities pre-installed by default because they wouldn't update.

The only variance introduced would largely be security and bugfix updates, which people should be doing anyway. If you can provide a convincing argument for minor releases, I'm certainly willing to reconsider. My current stance is that I don't want to enable people to be actively insecure in their containers.

from sig-cloud-instance-images.

RobotCaleb avatar RobotCaleb commented on August 27, 2024

That all makes sense and I agree with all of your points. Let me revisit this when I've run into an issue instead of a hypothetical issue.
How frequently would the centos6 image change? Just with security updates?

from sig-cloud-instance-images.

jperrin avatar jperrin commented on August 27, 2024

We respin the images monthly, usually around the 2nd-3rd of the month, so that it's a scheduled/regular thing people can know to expect. If there's a security issue that gets a name (heartbleed, shellshock, etc) obviously those are a bit more critical and warrant an update outside the normal schedule.

from sig-cloud-instance-images.

djdefi avatar djdefi commented on August 27, 2024

We had this break an image build that was using centos:centos6 when it went from 6.5 to 6.6. The application we are running within the image is picky about what version of the OS is running (needs to be set in a config file)

It makes sense to have the :latest and major version tags be up to the latest release for security. Generally these are what are going to be used.

I still think that minor versions should be available.
That is part of the benefit of Docker and immutable infrastructure, to be able to pin to a certain version of the software. We can patch our own images for known vulnerabilities if we are using these versions.

from sig-cloud-instance-images.

jperrin avatar jperrin commented on August 27, 2024

docker-library/official-images#384 Adds support for minor releases (6.6, 5.11, and 7.0.1406) along with short-name support (centos:6 vs centos:centos6). It should be in the index soon.

from sig-cloud-instance-images.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.