Hi,
I ran a few scans on the latest Application Server image (3.17.8) and I’m seeing a few Mediums (will become High in next few months due to deprecation, version changes, newly discovered vulnerabilities etc)
Are there any plans to upgrade these versions for a small release, say 3.17.9?
I don’t think any of those are used by the Go code that is exposed by the Application Server, so I’m not seeing the “vulnerabilities” you are referencing.
I agree with @bconway, Alpine comes with a few libraries included that aren’t used by ChirpStack. However, I am planning to work this week on a few v3 updates to include some other fixes.