From 17ff88edb5f872e4c59c3115be05d81f1b8b01f8 Mon Sep 17 00:00:00 2001 From: Aliaksandr Valialkin Date: Fri, 31 Mar 2023 22:46:25 -0700 Subject: [PATCH] deployment/docker: update base Docker image from Alpine 3.17.2 to Alpine 3.17.3 This fixes security issues from https://alpinelinux.org/posts/Alpine-3.17.3-released.html This is a follow-up for 59c350d0d280251b1a0a0927cda52411def5c209 --- deployment/docker/Makefile | 4 ++-- docs/CHANGELOG.md | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/deployment/docker/Makefile b/deployment/docker/Makefile index ab6d30fe5..95e2466d3 100644 --- a/deployment/docker/Makefile +++ b/deployment/docker/Makefile @@ -2,8 +2,8 @@ DOCKER_NAMESPACE := victoriametrics -ROOT_IMAGE ?= alpine:3.17.2 -CERTS_IMAGE := alpine:3.17.2 +ROOT_IMAGE ?= alpine:3.17.3 +CERTS_IMAGE := alpine:3.17.3 GO_BUILDER_IMAGE := golang:1.20.2-alpine BUILDER_IMAGE := local/builder:2.0.0-$(shell echo $(GO_BUILDER_IMAGE) | tr :/ __)-1 BASE_IMAGE := local/base:1.1.4-$(shell echo $(ROOT_IMAGE) | tr :/ __)-$(shell echo $(CERTS_IMAGE) | tr :/ __) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 152ae4fac..f30455603 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -15,6 +15,8 @@ The following tip changes can be tested by building VictoriaMetrics components f ## v1.87.x long-time support release (LTS) +* SECURITY: upgrade base docker image (alpine) from 3.17.2 to 3.17.3. See [alpine 3.17.3 release notes](https://alpinelinux.org/posts/Alpine-3.17.3-released.html). + * BUGFIX: [MetricsQL](https://docs.victoriametrics.com/MetricsQL.html): properly convert [VictoriaMetrics historgram buckets](https://valyala.medium.com/improving-histogram-usability-for-prometheus-and-grafana-bc7e5df0e350) to Prometheus histogram buckets when VictoriaMetrics histogram contain zero buckets. Previously these buckets were ignored, and this could lead to missing Prometheus histogram buckets after the conversion. Thanks to @zklapow for [the fix](https://github.com/VictoriaMetrics/VictoriaMetrics/pull/4021). * BUGFIX: properly support comma-separated filters inside [retention filters](https://docs.victoriametrics.com/#retention-filters). See [this issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3915). * BUGFIX: verify response code when fetching configuration files via HTTP. See [this issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4034).