Hi Apollo team,
Is there any chance the Docker image "latest" could be re-built on Dockerhub?
It's using an older version of tomcat9 (9.0.16) that contains several "critical" vulnerabilities (CVE-2019-17569, CVE-2020-1935, CVE-2020-1938) that are patched in the newer version of tomcat9 now available in the Ubuntu 18.04 repository (9.0.43-3)
Our university sysadmin group has prohibited Web Apollo from running on our server until these vulnerabilities are addressed. We can also just clone the GitHub repo and build it ourselves, but I thought it might be better for everyone if it were more officially addressed?
I'm assuming that rebuilding the image should
pull down the latest (safest) version of tomcat9, at least from looking at your Dockerfile
Any and all help or advice is appreciated, thanks!