Skip to content
This repository has been archived by the owner on Jun 27, 2024. It is now read-only.

fix: Alpine package updated to fix CVE #77

Merged
merged 1 commit into from
Sep 1, 2021
Merged

fix: Alpine package updated to fix CVE #77

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
fix: Alpine package updated to fix CVE 
CVE-2021-3711 and CVE-2021-3712
  • Loading branch information
@lholota
lholota committed Sep 1, 2021
commit f26902350d81d916d3ab573b06b0f46a7934e4e2
8 changes: 6 additions & 2 deletions alpine/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,12 @@ ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
ADD https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-${CPU_ARCH}.tar.gz /tmp/

RUN tar xzf /tmp/s6-overlay-${CPU_ARCH}.tar.gz -C / && \
# This package is included in the base image. It's explicitly upgrade to avoid CVE-2021-36159
apk add --no-cache apk-tools=2.12.7-r0 && \
# These packages are included in the base image. They are explicitly upgrade to vulnerabilities below
apk add --no-cache \
# CVE-2021-36159
apk-tools=2.12.7-r0 \
# CVE-2021-3711, CVE-2021-3712
libssl1.1=1.1.1l-r0 && \
apk add --no-cache shadow=4.8.1-r0 && \
rm /tmp/s6-overlay-${CPU_ARCH}.tar.gz

Expand Down