Rebuild the images to include security patches

Details

https://docs.docker.com/userguide/dockerimages/

Solution

Follow the steps below to rebuild the images with security patches:

Step 1 - ‘docker pull’ all the base images (i.e., given your set of Dockerfiles, extract all images declared in ‘FROM’ instructions, and re-pull them to check for updated/patched versions). Patch the packages within the images too.
Step 2 - Force a rebuild of each image with ‘docker build --no-cache’.
Step 3 - Restart all containers with the updated images.

You could also use the ONBUILD directive in the Dockerfile to trigger particular update instructions for images that you know are used frequently as base images.

Impact - None

Default Value - By default, containers and images are not updated on their own.
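
Steps 1 and 2 above can be scripted as follows. This is an added example, not part of the CIS benchmark text; the function names, the `--rebuild` switch and the directory layout (one directory per image, tagged with the directory name) are assumptions. Step 3 is left to whatever launches the containers.

```shell
#!/bin/sh
# Added example covering Steps 1 and 2. Assumptions: every image lives in its own
# directory containing a file named "Dockerfile", and is tagged with the
# (lowercase) directory name.

# Print the unique registry images named in FROM lines of the given Dockerfiles.
base_images() {
  awk '
    FNR == 1 { split("", stage) }            # build-stage aliases are per file
    toupper($1) == "FROM" {
      i = 2
      while ($i ~ /^--/) i++                 # skip flags such as --platform=...
      img = $i
      is_stage = (tolower(img) in stage)     # FROM <earlier stage>: nothing to pull
      if (toupper($(i + 1)) == "AS") stage[tolower($(i + 2))] = 1
      if (img == "" || img == "scratch" || is_stage) next
      if (img ~ /\$/) {                      # FROM ${ARG}: cannot be resolved here
        print "resolve by hand: " img > "/dev/stderr"; next
      }
      print img
    }
  ' "$@" | sort -u
}

rebuild_all() {
  root=$1
  # Step 1: re-pull every base image so patched versions are fetched.
  find "$root" -type f -name Dockerfile | while IFS= read -r f; do
    base_images "$f"
  done | sort -u | while IFS= read -r img; do
    docker pull "$img" || exit 1
  done || return 1
  # Step 2: rebuild each image without reusing cached layers.
  find "$root" -type f -name Dockerfile | while IFS= read -r f; do
    ctx=$(cd "$(dirname "$f")" && pwd)
    docker build --no-cache -t "$(basename "$ctx")" "$ctx" || exit 1
  done
}

# Run only when asked to, e.g.: sh rebuild.sh --rebuild ./images
if [ "${1:-}" = "--rebuild" ]; then
  rebuild_all "${2:-.}"
fi
```

Base images referenced through a build argument (`FROM ${BASE}`) are reported on stderr instead of being pulled, so they need to be checked separately.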

Supportive Information

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: Unix.

Updated on July 16, 2022