summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChuanyu Chen <chenchuanyu@huawei.com>2018-05-29 01:55:48 +0000
committerGerrit Code Review <gerrit@onap.org>2018-05-29 01:55:48 +0000
commitc28f12b8fee6918fd622467be7cc8a0b5ab083ce (patch)
tree1fa6b6711ea61af93e5755695c2ebc0f8f9bb32b
parent903d435483d30ec75aa46e68b63bdc513d56f695 (diff)
parentccc4a13a575a4d3ad0ec729c59f9d20afc752052 (diff)
Merge "Fix library CVEs in SO"
-rw-r--r--packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final48
1 files changed, 33 insertions, 15 deletions
diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final
index 7b5f06ae98..bbb3d1e4bf 100644
--- a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final
+++ b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final
@@ -54,22 +54,40 @@ RUN echo "deb http://archive.ubuntu.com/ubuntu/ artful main restricted" >> /etc/
# For CVE-2016-6303 CVE-2016-2182 CVE-2016-2177
# libpcre3 2:8.39-5ubuntu3
# For CVE-2016-3191 CVE-2016-1283
+# berkeleydb
+# For CVE-2016-3418 CVE-2016-0694 CVE-2016-0689 CVE-2016-0682
+# jetty
+# For CVE-2017-9735
+# libxi
+# For CVE-2016-7946 CVE-2016-7945
+# xalan
+# For CVE-2014-0107
+# git
+# For CVE-2017-14867
+#
+
USER root
-RUN apt-get -y install \
- libkrb5-3=1.16-2build1 krb5-locales=1.16-2build1 \
- libvorbis0a=1.3.5-4ubuntu0.2 \
- libx11-6=2:1.6.4-3 libx11-data=2:1.6.4-3 libx11-doc=2:1.6.4-3 libx11-xcb1=2:1.6.4-3 \
- libxtst6=2:1.2.3-1 \
- ncurses-base=6.1-1ubuntu1 ncurses-bin=6.1-1ubuntu1 libncurses5=6.1-1ubuntu1 libncursesw5=6.1-1ubuntu1 \
- libsqlite3-0=3.22.0-1 \
- libtiff5=4.0.8-5ubuntu0.1 \
- passwd=1:4.5-1ubuntu1 \
- perl-base=5.26.0-8ubuntu1.1 \
- zlib1g=1:1.2.11.dfsg-0ubuntu2 \
- libexpat1=2.2.5-3 \
- libc-bin=2.26-0ubuntu2.1 libc6=2.26-0ubuntu2.1 \
- openssl=1.1.0g-2ubuntu4 \
- libpcre3=2:8.39-5ubuntu3
+RUN apt-get -y --only-upgrade install \
+ libkrb5-3 krb5-locales \
+ libvorbis0a \
+ libx11-6 libx11-data libx11-doc libx11-xcb1 \
+ libxtst6 \
+ ncurses-base ncurses-bin libncurses5 libncursesw5 \
+ libsqlite3-0 \
+ libtiff5 \
+ passwd \
+ perl-base \
+ openssl \
+ zlib1g \
+ libdb5.3 \
+ libc-bin libc6 multiarch-support \
+ libxi6 \
+ libpcre3 \
+ expat \
+ jetty9 \
+ xalan \
+ git
+
RUN apt-get install -y netcat curl && curl -LO https://packages.chef.io/files/stable/chefdk/2.5.3/ubuntu/16.04/chefdk_2.5.3-1_amd64.deb && curl -LO http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.5.4/mariadb-java-client-1.5.4.jar && apt-get remove --purge -y curl && apt-get autoremove -y