A lot of software today is distributed in the form of docker images.
Often these images are based on minimal base images (like alpine, Ubuntu etc).
When there is a security update to these base images, the software vendor should pull in these updates and release a new version of their image as well. But most do not. Instead they wait for a new release of their own software to release a new image.

So my question is: How do you mitigate this?

Do you just run the potentially outdated images?

Do you manually recreate images based on the software vendor's dockerfile (so you can create new images when the base image updates)?

Any other ideas I'm not thinking of?

Curious to hear from your experience.
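One concrete way to answer "is this vendor image still built on the current base image?" before deciding whether to rebuild it, added here as an example and not part of the original post: an image built `FROM` a base carries the base image's layers as a prefix of its own `RootFS.Layers` list (what `docker image inspect` prints). If the freshly pulled base image's layers are not a prefix of the vendor image's layers, the vendor image was built on an older base and has not picked up the base's security updates. The inspect documents below are constructed for this example, with placeholder strings standing in for real layer digests.

```python
"""Check whether vendor images were built on the currently published base image.

A derived image's RootFS.Layers (the uncompressed-layer diff_ids shown by
`docker image inspect`) begins with the base image's layers. Comparing that
prefix against the current base image tells you whether the vendor has
rebuilt on the latest base or is still shipping an outdated one.
"""
import json

# Constructed sample data shaped like `docker image inspect <image>` output.
# The "sha256:..." values are placeholders, not real layer digests.
CURRENT_BASE = json.dumps([{
    "RepoTags": ["alpine:3.19"],
    "RootFS": {"Type": "layers", "Layers": [
        "sha256:base-layer-v2",            # base image after a security update
    ]},
}])

VENDOR_IMAGE_STALE = json.dumps([{
    "RepoTags": ["vendor/app:1.4.0"],
    "RootFS": {"Type": "layers", "Layers": [
        "sha256:base-layer-v1",            # built on the pre-update base layer
        "sha256:app-layer-a",
        "sha256:app-layer-b",
    ]},
}])

VENDOR_IMAGE_FRESH = json.dumps([{
    "RepoTags": ["vendor/app:1.5.0"],
    "RootFS": {"Type": "layers", "Layers": [
        "sha256:base-layer-v2",            # rebuilt on the current base layer
        "sha256:app-layer-a",
        "sha256:app-layer-b",
    ]},
}])


def layers(inspect_json: str) -> list[str]:
    """Return the RootFS layer list of the first image in an inspect document."""
    doc = json.loads(inspect_json)
    return list(doc[0]["RootFS"]["Layers"])


def built_on_current_base(vendor_inspect: str, base_inspect: str) -> bool:
    """True if the base image's layers are a prefix of the vendor image's layers."""
    base = layers(base_inspect)
    vendor = layers(vendor_inspect)
    # A vendor image with fewer layers than the base cannot have been built on it.
    return len(vendor) >= len(base) and vendor[: len(base)] == base


def stale_images(images: dict[str, str], base_inspect: str) -> list[str]:
    """Return the tags of images that were not built on the current base, sorted."""
    return sorted(
        tag for tag, inspect_doc in images.items()
        if not built_on_current_base(inspect_doc, base_inspect)
    )


if __name__ == "__main__":
    # In real use, feed the output of `docker image inspect` for each image
    # after pulling the current base tag; here the constructed samples are used.
    inventory = {
        "vendor/app:1.4.0": VENDOR_IMAGE_STALE,
        "vendor/app:1.5.0": VENDOR_IMAGE_FRESH,
    }
    for tag in stale_images(inventory, CURRENT_BASE):
        print(f"{tag}: built on an outdated base image, rebuild or pin a patched base")
```

The check only works against the same base tag the vendor used (`alpine:3.19` here); if the vendor's Dockerfile pins a different variant or uses a multi-stage build whose final stage starts from another image, compare against that image instead. When the check flags an image, rebuilding from the vendor's Dockerfile on the freshly pulled base is the option the post describes; the comparison just tells you when that rebuild is actually needed.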