Skip to content
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

Bump Alpine version from v3.6 to v3.9 #1801

Merged
merged 1 commit into from
Mar 11, 2019
Merged

Bump Alpine version from v3.6 to v3.9 #1801

merged 1 commit into from
Mar 11, 2019

Conversation

hiddeco
Copy link
Member

@hiddeco hiddeco commented Mar 7, 2019
edited
Loading

We have multiple nightly builds (from 44874ead up to and including
c9cda8ab at time of this commit) with gnupg 2.1.20-r1 baked into
them which is effected by CVE-2018-12020 (patched in >=2.2.3-r1).

As there is no newer version of gnupg available in the Alpine
main/v3.6 repository, and 3.6 is only receiving security updates
(but with a delay?), and support for 3.6 ends on 2019-05-01,
this bump is mandatory.

@hiddeco
Bump Alpine version from v3.6 to v3.9
254f87c 
We have multiple nightly builds (from `44874ead` up to and including
`c9cda8ab` at time of this commit) with gnupg 2.1.20-r1 baked into
them which is effected by CVE-2018-12020 (patched in >=2.2.3-r1).

As there is no newer version of gnupg available in the Alpine
main/v3.6 repository, and 3.6 is only receiving security updates
(but with a delay?), and supports for 3.6 ends on 2019-05-01,
this bump is mandatory.
@hiddeco hiddeco merged commit 000fa3d into master Mar 11, 2019
@hiddeco hiddeco deleted the bump-alpine branch March 11, 2019 10:55
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stefanprodan stefanprodan stefanprodan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hiddeco @stefanprodan