GitHub user lhotari added a comment to the discussion: OS-level Vulnerabilities (CVE-2026-3104, CVE-2026-3805) and 4.2.1 Release Timeline
> Is there a planned release date for v4.2.1 that will include an updated base > image to resolve these? The release will start soon. It takes about 1-2 weeks from starting of the release process to it take it to completion. If you want a fix immediately, you can build the from branch-4.2 and create your own docker images. > I am assuming these will be automatically resolved when the new Docker images > are cut for the next patch release, but confirmation would help us align with > our internal compliance deadlines. Yes. For branch-4.2, the Alpine image is pulled with 3.23 tag and `apk upgrade --no-cache` is used to pull in any later updates. GitHub link: https://github.com/apache/pulsar/discussions/25553#discussioncomment-16635310 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
