Skip to content

Updated to CF Buildpack v4.24.0

Choose a tag to compare

View all tags
@zlogic zlogic released this 24 Dec 09:43
· 19 commits to master since this release
v3.5.0
c116bfc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
  • Updated to use CF Buildpack v4.24.0 #135 #134
    • This updates CF Buildpack dependencies to the latest version, including fixes for CVE-2021-44228 and CVE-2021-45046
    • Images built with the default Docker Mendix Buildpack settings are not expected to contain the vulnerable log4j-core library. However vulnerable versions of log4j-core might still be present if they're included through project modules or Java actions.
    • To confirm that your container images are not affected by the log4j CVEs, use a container security scanner - for example, the Trivy container image scanner.
  • Switched rootfs from the full ubi image to ubi-minimal - to exclude unnecessary dependencies and improve CVE scores #134
Assets 2
Loading