Internal server error when visiting chi.py

2020-09-08 Thread Mike Jumper
Hello all, Visiting https://reporter.apache.org/chi.py (and logging in as "mjumper"), the server reports HTTP 500 and states the following: "Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server admi

Re: Migration and consolidation helm charts for ASF projects from helm/charts to apache/charts git

2020-09-08 Thread Matt Sicker
I've spent an inordinate amount of time at $dayjob triaging security vulnerabilities from Docker scans, so I can definitely attest to Mark's experience there. In fact, one of the biggest offenders was the official Docker Hub image for openjdk! Then there were a few years where people pushed Alpine

Re: Migration and consolidation helm charts for ASF projects from helm/charts to apache/charts git

2020-09-08 Thread Jarek Potiuk
Will definitely include that in my proposal, Mark! BTW. Speaking of the report you got, we got the user talking to us on Slack, and got the user to retest it on the refreshed image. It all boiled down to 4 "undefined" risk issues reported by the tool (seems that their - reasonable - approach is th

Re: Migration and consolidation helm charts for ASF projects from helm/charts to apache/charts git

2020-09-08 Thread Mark J Cox
On Mon, Sep 7, 2020 at 2:21 PM Jarek Potiuk wrote:
> I also talked to the Apache Security team today (there was an issue raised
> about the security of the images which I think should be part of the policy
> as well.
>
Thanks Jarek. What happened is that we got a report to secur...@apache.org a