Docker installation vulnerable to CVE-2015-8126?


(Matt McNeil) #1

I’ve been reading about an apparently somewhat serious vulnerability in libpng which was reported on Nov. 12. Can anyone confirm whether the standard Docker-based installation of Discourse is vulnerable? If so, what is the recommended remediation?
Thanks much,
Matt


(Sam Saffron) #2

I will get a new image cut later today


(Matt McNeil) #3

Wonderful, thank you!!

(sent from a phone)


(Sam Saffron) #4

Docker image is now updated…

To get latest

cd /var/discourse
./launcher rebuild app

(Jeff Atwood) #5