mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-21 14:44:00 +00:00
security: upgrade base docker image (Alpine) from 3.20.1 to 3.20.2 (#6684)
See https://www.alpinelinux.org/posts/Alpine-3.20.1-released.html >including security fix for: OpenSSL CVE-2024-5535
This commit is contained in:
parent
d88d0f382b
commit
b515a7b69b
3 changed files with 5 additions and 3 deletions
|
@ -6,7 +6,7 @@ COPY web/ /build/
|
||||||
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o web-amd64 github.com/VictoriMetrics/vmui/ && \
|
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o web-amd64 github.com/VictoriMetrics/vmui/ && \
|
||||||
GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -o web-windows github.com/VictoriMetrics/vmui/
|
GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -o web-windows github.com/VictoriMetrics/vmui/
|
||||||
|
|
||||||
FROM alpine:3.20.1
|
FROM alpine:3.20.2
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
COPY --from=build-web-stage /build/web-amd64 /app/web
|
COPY --from=build-web-stage /build/web-amd64 /app/web
|
||||||
|
|
|
@ -2,9 +2,9 @@
|
||||||
|
|
||||||
DOCKER_NAMESPACE ?= victoriametrics
|
DOCKER_NAMESPACE ?= victoriametrics
|
||||||
|
|
||||||
ROOT_IMAGE ?= alpine:3.20.1
|
ROOT_IMAGE ?= alpine:3.20.2
|
||||||
ROOT_IMAGE_SCRATCH ?= scratch
|
ROOT_IMAGE_SCRATCH ?= scratch
|
||||||
CERTS_IMAGE := alpine:3.20.1
|
CERTS_IMAGE := alpine:3.20.2
|
||||||
|
|
||||||
GO_BUILDER_IMAGE := golang:1.22.5-alpine
|
GO_BUILDER_IMAGE := golang:1.22.5-alpine
|
||||||
BUILDER_IMAGE := local/builder:2.0.0-$(shell echo $(GO_BUILDER_IMAGE) | tr :/ __)-1
|
BUILDER_IMAGE := local/builder:2.0.0-$(shell echo $(GO_BUILDER_IMAGE) | tr :/ __)-1
|
||||||
|
|
|
@ -33,6 +33,8 @@ See also [LTS releases](https://docs.victoriametrics.com/lts-releases/).
|
||||||
|
|
||||||
**Update note 1: [vmauth](https://docs.victoriametrics.com/vmauth/) HTTP response code has changed from 503 to 502 for a case when all upstream backends were not available. This was changed to align [vmauth](https://docs.victoriametrics.com/vmauth/) behaviour with other well-known reverse-proxies behaviour. **
|
**Update note 1: [vmauth](https://docs.victoriametrics.com/vmauth/) HTTP response code has changed from 503 to 502 for a case when all upstream backends were not available. This was changed to align [vmauth](https://docs.victoriametrics.com/vmauth/) behaviour with other well-known reverse-proxies behaviour. **
|
||||||
|
|
||||||
|
* SECURITY: upgrade base docker image (Alpine) from 3.20.1 to 3.20.2. See [alpine 3.20.2 release notes](https://alpinelinux.org/posts/Alpine-3.20.2-released.html).
|
||||||
|
|
||||||
* FEATURE: [vmauth](https://docs.victoriametrics.com/vmauth/): add `keep_original_host` option, which can be used for proxying the original `Host` header from client request to the backend. By default the backend host is used as `Host` header when proxying requests to the configured backends. See [these docs](https://docs.victoriametrics.com/vmauth/#host-http-header).
|
* FEATURE: [vmauth](https://docs.victoriametrics.com/vmauth/): add `keep_original_host` option, which can be used for proxying the original `Host` header from client request to the backend. By default the backend host is used as `Host` header when proxying requests to the configured backends. See [these docs](https://docs.victoriametrics.com/vmauth/#host-http-header).
|
||||||
* FEATURE: [vmauth](https://docs.victoriametrics.com/vmauth/) now returns HTTP 502 status code when all upstream backends are not available. Previously, it returned HTTP 503 status code. This change aligns vmauth behavior with other well-known reverse-proxies behavior.
|
* FEATURE: [vmauth](https://docs.victoriametrics.com/vmauth/) now returns HTTP 502 status code when all upstream backends are not available. Previously, it returned HTTP 503 status code. This change aligns vmauth behavior with other well-known reverse-proxies behavior.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue