fix: [NPM] Update Ubuntu Base Image to 24.04 #3741
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
| /azp run Azure Container Networking PR |
| /azp run NPM Conformance Tests |
| Azure Pipelines successfully started running 1 pipeline(s). |
| /azp run NPM Scale Test |
| Azure Pipelines successfully started running 1 pipeline(s). |
1 similar comment
| Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Pull Request Overview
Updates the Ubuntu base image from 20.04 to 24.04 and pins two packages to address CVE-2025-4598.
- Bump Docker base image to Ubuntu 24.04
- Pin
libsystemd0andlibudev1to255.4-1ubuntu8.8in the installation step
Comments suppressed due to low confidence (1)
npm/linux.Dockerfile:11
- Please add a comment above this
RUNinstruction to note that the version pinning oflibsystemd0andlibudev1is a temporary workaround for CVE-2025-4598 until the base image updates these packages.
RUN apt-get update && apt-get install -y libsystemd0=255.4-1ubuntu8.8 libudev1=255.4-1ubuntu8.8 iptables ipset ca-certificates && apt-get autoremove -y && apt-get clean 
matmerr approved these changes Jun 17, 2025
| /azp run NPM Conformance Tests |
| Azure Pipelines successfully started running 1 pipeline(s). |
vakalapa approved these changes Jun 17, 2025
4 tasks
rayaisaiah added a commit that referenced this pull request Jun 18, 2025
fix: [NPM] Update Ubuntu Base Image to 24.04 (#3741) bump ubuntu to 24.04
sivakami-projects pushed a commit that referenced this pull request Oct 23, 2025
bump ubuntu to 24.04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Reason for Change:
Bumps the NPM Ubuntu base image version from
20.04to24.04as20.04is EOL and no longer supported (https://ubuntu.com/blog/ubuntu-20-04-lts-end-of-life-standard-support-is-coming-to-an-end-heres-how-to-prepare).Manually updates the Ubuntu packages
libsystemd0andlibudev1to255.4-1ubuntu8.8or elseCVE-2025-4598is present in the image (Will revert later when base image updates packages to resolve the vulnerability):Trivy scan of NPM linux with changes to dockerfile (with manual package updates):
Tests Ran:
Issue Fixed:
Requirements:
Notes:
Releasing from
release/v1.6branch instead ofrelease/v1.5due to Ubuntu base image update as well as v1.5 will be not be supported soon (due to k8s dependencies not matching with our offerings as it is tied to 1.27-1.29).