Draft: Remove unnecessary glibc-related RPM packages (!3) · Merge requests · Iron Bank Containers / Microsoft / microsoft / microsoft-sql-server-2019-rhel8

#1 (closed)

The goal of this changeset is to remove from the container image unnecessary glibc-related RPMs in which security vulnerabilities were found by the scanning pipeline. Given that the RPMs are not actually required by the container at runtime, it should be safe to remove them.

Summary of the change:

Added removeUnnecessaryPackages() in scripts/install_external.sh to remove glibc-devel and glibc-langpack-en.

The list of RPMs deleted after adding this change is the following:

binutils-2.30-79.el8.x86_64
cpp-8.3.1-5.1.el8.x86_64
gcc-8.3.1-5.1.el8.x86_64
gcc-gdb-plugin-8.3.1-5.1.el8.x86_64
glibc-devel-2.28-127.el8_3.2.x86_64
glibc-headers-2.28-127.el8_3.2.x86_64
glibc-langpack-en-2.28-127.el8_3.2.x86_64
isl-0.16.1-6.el8.x86_64
kernel-headers-4.18.0-240.15.1.el8_3.x86_64
libgomp-8.3.1-5.1.el8.x86_64
libmpc-1.0.2-9.el8.x86_64
libxcrypt-devel-4.1.1-4.el8.x86_64

Edited Apr 07, 2021 by Salvador Orozco Villalever

Draft: Remove unnecessary glibc-related RPM packages

Merge request reports