diff options
author | 2021-12-15 15:25:30 -0500 | |
---|---|---|
committer | 2021-12-15 21:02:14 +0000 | |
commit | 616dfb0f19f7f93f6b33a9bf658e30a785b7c113 (patch) | |
tree | 118fe565e269817f52d7b87f3e94d489be795f21 /installation/ueb-listener/src/main/docker/Dockerfile | |
parent | 35732113adba6f15d5cd5c6ac3db58c9ea4fe0a8 (diff) |
Remediate log4shell vulnerability2.2.4
Remove JndiLookup.class to remediate log4shell vulnerability
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iadfd1f01bd7949a1a60d67bb9dca121024adaeb8
Former-commit-id: 17f7ccb3e64db4e18780e01fcb29d663cff68d7e
Diffstat (limited to 'installation/ueb-listener/src/main/docker/Dockerfile')
-rw-r--r-- | installation/ueb-listener/src/main/docker/Dockerfile | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/installation/ueb-listener/src/main/docker/Dockerfile b/installation/ueb-listener/src/main/docker/Dockerfile index 88d31e31..0df998be 100644 --- a/installation/ueb-listener/src/main/docker/Dockerfile +++ b/installation/ueb-listener/src/main/docker/Dockerfile @@ -1,12 +1,18 @@ # Base alpine with added packages needed for open ecomp FROM onap/ccsdk-alpine-j11-image:${ccsdk.docker.version} AS stage0 - +USER root ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties # copy deliverables to opt COPY opt /opt +# Remediate log4shell vuln +RUN apk add zip +RUN zip -q -d /opt/onap/sdnc/ueb-listener/lib/log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class + + + # End of stage0 FROM onap/ccsdk-alpine-j11-image:${ccsdk.docker.version} |