Skip to content

Update docker image to UBI 10 #26068

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 22, 2025
Merged

Update docker image to UBI 10 #26068

merged 1 commit into from
Jul 22, 2025

Conversation

@wendigo
Copy link
Contributor

@wendigo wendigo commented Jun 25, 2025

Which is RHEL10 compatible

Description

Additional context and related issues

Release notes

(x) This is not user-visible or is docs only, and no release notes are required.
( ) Release notes are required. Please propose a release note for me.
( ) Release notes are required, with the following suggested text:

## Section
* Fix some things. ({issue}`issuenumber`)

@wendigo wendigo requested a review from mosabua June 25, 2025 16:09
@cla-bot cla-bot bot added the cla-signed label Jun 25, 2025
@wendigo wendigo requested review from Copilot and martint June 25, 2025 16:10
Copilot AI reviewed Jun 25, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the Docker base images from UBI 9 to UBI 10 for RHEL10 compatibility.

  • Replaces the base image "registry.access.redhat.com/ubi9/ubi:latest" with "redhat/ubi10".
  • Updates the minimal/micro image from "registry.access.redhat.com/ubi9/ubi-micro:latest" to "redhat/ubi10-micro:latest".

@wendigo wendigo requested review from ebyhr and losipiuk June 26, 2025 10:27
@wendigo
Copy link
Contributor Author

wendigo commented Jun 26, 2025

UBI9:

coreutils               8.32-39.el9                            rpm           CVE-2025-5278        Medium
coreutils-common        8.32-39.el9                            rpm           CVE-2025-5278        Medium
curl-minimal            7.76.1-31.el9                          rpm           CVE-2024-11053       Low
curl-minimal            7.76.1-31.el9                          rpm           CVE-2024-7264        Low
curl-minimal            7.76.1-31.el9                          rpm           CVE-2024-9681        Low
gawk                    5.1.0-6.el9                            rpm           CVE-2023-4156        Low
glibc                   2.34-168.el9_6.19                      rpm           CVE-2025-5702        Medium
glibc-common            2.34-168.el9_6.19                      rpm           CVE-2025-5702        Medium
glibc-minimal-langpack  2.34-168.el9_6.19                      rpm           CVE-2025-5702        Medium
libcurl                 7.76.1-31.el9                          rpm           CVE-2024-11053       Low
libcurl                 7.76.1-31.el9                          rpm           CVE-2024-7264        Low
libcurl                 7.76.1-31.el9                          rpm           CVE-2024-9681        Low
libgcc                  11.5.0-5.el9_5                         rpm           CVE-2022-27943       Low
libssh                  0.10.4-13.el9                          rpm           CVE-2025-5318        Medium
libssh-config           0.10.4-13.el9                          rpm           CVE-2025-5318        Medium
libstdc++               11.5.0-5.el9_5                         rpm           CVE-2022-27943       Low
ncurses-base            6.2-10.20210508.el9                    rpm           CVE-2022-29458       Low
ncurses-base            6.2-10.20210508.el9                    rpm           CVE-2023-45918       Low
ncurses-base            6.2-10.20210508.el9                    rpm           CVE-2023-50495       Low
ncurses-libs            6.2-10.20210508.el9                    rpm           CVE-2022-29458       Low
ncurses-libs            6.2-10.20210508.el9                    rpm           CVE-2023-45918       Low
ncurses-libs            6.2-10.20210508.el9                    rpm           CVE-2023-50495       Low
openldap                2.6.8-4.el9                            rpm           CVE-2023-2953        Low
openssl-libs            1:3.2.2-6.el9_5.1                      rpm           CVE-2024-13176       Low
openssl-libs            1:3.2.2-6.el9_5.1    (won't fix)       rpm           CVE-2024-41996       Low
pcre2                   10.40-6.el9                            rpm           CVE-2022-41409       Low
pcre2-syntax            10.40-6.el9                            rpm           CVE-2022-41409       Low
shadow-utils            2:4.9-12.el9                           rpm           CVE-2024-56433       Medium
tar                     2:1.34-7.el9         (won't fix)       rpm           CVE-2005-2541        Medium
tar                     2:1.34-7.el9                           rpm           CVE-2023-39804       Low

UBI10:

coreutils               9.5-6.el10                         rpm           CVE-2025-5278        Medium
coreutils-common        9.5-6.el10                         rpm           CVE-2025-5278        Medium
curl                    8.9.1-5.el10                       rpm           CVE-2024-6197        Medium
curl                    8.9.1-5.el10                       rpm           CVE-2024-11053       Low
curl                    8.9.1-5.el10                       rpm           CVE-2024-7264        Low
glibc                   2.39-37.el10                       rpm           CVE-2025-5702        Medium
glibc-common            2.39-37.el10                       rpm           CVE-2025-5702        Medium
glibc-minimal-langpack  2.39-37.el10                       rpm           CVE-2025-5702        Medium
libcurl                 8.9.1-5.el10                       rpm           CVE-2024-6197        Medium
libcurl                 8.9.1-5.el10                       rpm           CVE-2024-11053       Low
libcurl                 8.9.1-5.el10                       rpm           CVE-2024-7264        Low
libssh                  0.11.1-1.el10                      rpm           CVE-2025-5318        Medium
libssh-config           0.11.1-1.el10                      rpm           CVE-2025-5318        Medium
libtasn1                4.20.0-1.el10                      rpm           CVE-2024-12133       Medium
openssl-libs            1:3.2.2-16.el10                    rpm           CVE-2024-12797       High
openssl-libs            1:3.2.2-16.el10                    rpm           CVE-2024-13176       Low
openssl-libs            1:3.2.2-16.el10  (won't fix)       rpm           CVE-2024-41996       Low
openssl-libs            1:3.2.2-16.el10                    rpm           CVE-2024-4603        Low
openssl-libs            1:3.2.2-16.el10                    rpm           CVE-2024-4741        Low
openssl-libs            1:3.2.2-16.el10                    rpm           CVE-2024-5535        Low
shadow-utils            2:4.15.0-5.el10                    rpm           CVE-2024-56433       Medium

@mosabua
Copy link
Member

mosabua commented Jun 27, 2025

Awesome .. I might need to do that in trino-packages in my current PR for 476 as well

@github-actions
Copy link

github-actions bot commented Jul 21, 2025

This pull request has gone a while without any activity. Ask for help on #core-dev on Trino slack.

@github-actions github-actions bot added the stale label Jul 21, 2025
@wendigo
Update docker image to UBI 10
be665bb 
Which is RHEL10 compatible
@wendigo wendigo merged commit 6abf6a9 into master Jul 22, 2025
103 of 104 checks passed
@wendigo wendigo deleted the serafin/ubi-10 branch July 22, 2025 09:03
@github-actions github-actions bot added this to the 477 milestone Jul 22, 2025
@ebyhr ebyhr mentioned this pull request Aug 6, 2025
Merged
@sherif-fanous sherif-fanous mentioned this pull request Oct 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mosabua mosabua mosabua approved these changes

@martint martint Awaiting requested review from martint

@losipiuk losipiuk Awaiting requested review from losipiuk

@ebyhr ebyhr Awaiting requested review from ebyhr

Assignees

No one assigned

Labels

cla-signed stale

Milestone

477

Development

Successfully merging this pull request may close these issues.

4 participants

@wendigo @mosabua @losipiuk