[openstack-dev] [tc][infra][release][security][stable][kolla][loci][tripleo][docker][kubernetes] do we want to be publishing binary container images?
Jeremy Stanley
fungi at yuggoth.org
Tue May 16 23:03:40 UTC 2017
On 2017-05-16 19:56:31 +0000 (+0000), Fox, Kevin M wrote:
[...]
> Lets provide the tools to make it as easy as possible to identify
> containers with issues, and allow upgrading the system to newer
> ones.
>
> Which CVE's are on the system is somewhat less important then
> being able to get to newer versions installed easily. Right now,
> thats probably harder then it should be. If its hard, people won't
> do it.
[...]
My point (which I've trimmed because I don't have the patience to
undo your top-posting at the moment) was that security expectations
for these images should be clearly documented and communicated,
that's all. I'm not sure what you were reading into it.
--
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170516/bcbe4db9/attachment.sig>
More information about the OpenStack-dev
mailing list