From f2da63dbece0e4b1d7058a9ccc9cbf7934ce2c8c Mon Sep 17 00:00:00 2001
From: Gary Wu <gary.i.wu@huawei.com>
Date: Mon, 7 May 2018 17:21:22 -0700
Subject: Fix additional library CVEs in sdc-docker-base

Fix CVEs around the following packages:
  binutils
  jq
  libtasn1
  libpng
  curl libcurl

Change-Id: Ib9b8419e3f35072a43bdc88a92255ee6f8968943
Issue-ID: SDC-1310
Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
---
 base_sdc-sanity/Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'base_sdc-sanity')

diff --git a/base_sdc-sanity/Dockerfile b/base_sdc-sanity/Dockerfile
index ce53b20..6eac58d 100644
--- a/base_sdc-sanity/Dockerfile
+++ b/base_sdc-sanity/Dockerfile
@@ -3,4 +3,7 @@ FROM openjdk:8-jdk-alpine
 # Install Chef
 RUN set -ex && \
     apk add --no-cache curl vim bash=4.4.19-r1 build-base=0.5-r0 ruby=2.4.4-r0 ruby-dev=2.4.4-r0 libffi-dev=3.2.1-r4 libxml2-dev=2.9.7-r0 && \
-    gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 --no-document
+    gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 --no-document && \
+    echo "http://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
+    apk update && \
+    apk add binutils=2.30-r1 curl=7.59.0-r1 libcurl=7.59.0-r1 libtasn1=4.13-r0
-- 
cgit 1.2.3-korg