From f2da63dbece0e4b1d7058a9ccc9cbf7934ce2c8c Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Mon, 7 May 2018 17:21:22 -0700 Subject: Fix additional library CVEs in sdc-docker-base Fix CVEs around the following packages: binutils jq libtasn1 libpng curl libcurl Change-Id: Ib9b8419e3f35072a43bdc88a92255ee6f8968943 Issue-ID: SDC-1310 Signed-off-by: Gary Wu --- base_sdc-cqlsh/Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'base_sdc-cqlsh') diff --git a/base_sdc-cqlsh/Dockerfile b/base_sdc-cqlsh/Dockerfile index 59e84eb..3876ba9 100644 --- a/base_sdc-cqlsh/Dockerfile +++ b/base_sdc-cqlsh/Dockerfile @@ -4,4 +4,7 @@ RUN apk add --no-cache py-pip && \ pip install cqlsh==4.0.1 && \ set -ex && \ apk add --no-cache bash=4.4.19-r1 build-base=0.5-r0 ruby=2.4.4-r0 ruby-dev=2.4.4-r0 libffi-dev=3.2.1-r4 libxml2-dev=2.9.7-r0 && \ - gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 --no-document + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 --no-document && \ + echo "http://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \ + apk update && \ + apk add binutils=2.30-r1 libtasn1=4.13-r0 -- cgit 1.2.3-korg