Patch a Docker Image With The Latest Security Updates

In this blog post, I will show you how I install the latest security updates on my CentOS Docker image.

Security updates for many packages are released all the time, often before the official image is updated.

Docker images

Below you can see the latest CentOS Docker image I have on my system.

The image is 3 months old and missing a few security updates.

Rolling this image to production might be a security risk.

Update

To mitigate the risk of running an image with security vulnerabilities, I will install the updates on the image and commit them.

My first step will be deploying a Docker container named webserver with the CentOS image using the code below.

docker run -it --name webserver centos

From the container, I will run the command below, which will check for updates.

yum check-update

As you can see, I have a few updates that are available for installation.

Install a Single Package

To install a single update, I will use the following line.

yum update rpm.x86_64

Update All

To install all the available updates using a single command, I will run the code below.

yum update

Commit Image

In the last step, I will commit the image and save it.

docker commit webserver webservercore

Now I can use it as a base image to run my applications.
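The same check, update and commit steps as a non-interactive script. This is an added example, not code from the original post: the function names, the temporary container name and the sample yum output are assumptions made for illustration, while the image names centos and webservercore are the ones used above.

```shell
#!/bin/sh
# Added example: non-interactive version of the check/update/commit steps.

# Print the package names listed by `yum check-update` (read from stdin).
# Update lines have three columns: name.arch, version, repo. Parsing stops at
# the "Obsoleting Packages" section, whose entries are not plain updates.
pending_updates() {
    awk '/^Obsoleting Packages/ { exit }
         NF == 3 && $1 ~ /\.(x86_64|i686|aarch64|noarch)$/ { print $1 }'
}

# Patch BASE and commit the result as TARGET. Returns 0 when a new image was
# committed, 3 when BASE was already current, 1 on error.
patch_image() {
    base=$1 target=$2 ctr="patch-$$"
    out=$(docker run --rm "$base" yum -q check-update); rc=$?
    # yum check-update exits 100 when updates exist, 0 when none, 1 on error.
    case $rc in
        0)   echo "$base is up to date"; return 3 ;;
        100) echo "$out" | pending_updates | sed 's/^/pending: /' ;;
        *)   echo "yum check-update failed (rc=$rc)" >&2; return 1 ;;
    esac
    docker run --name "$ctr" "$base" sh -c 'yum -y update && yum clean all' || {
        docker rm "$ctr" >/dev/null 2>&1; return 1; }
    # docker commit keeps the container's command, so reset CMD to a shell.
    docker commit --change 'CMD ["/bin/bash"]' "$ctr" "$target" &&
        docker rm "$ctr" >/dev/null
}

# Constructed sample of `yum check-update` output (not from the post).
SAMPLE='Loaded plugins: fastestmirror, ovl

openssl-libs.x86_64        1:1.0.2k-26.el7_9        updates
rpm.x86_64                 4.11.3-48.el7_9          updates
tzdata.noarch              2024a-1.el7              updates
Obsoleting Packages
grub2.x86_64               1:2.02-0.87.el7          updates'

# Real run (needs the docker CLI): patch_image centos webservercore
printf '%s\n' "$SAMPLE" | pending_updates
```

Without the --change option, the committed image would start by running yum -y update again, because docker commit records the command the container was started with.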

