diff options
| author |   chenying83 <chenying83@huawei.com> | 2018-05-02 09:22:30 +0800 |
|---|---|---|
| committer | Ying Chen <chenying83@huawei.com> | 2018-05-23 01:13:20 +0000 |
| commit | ccc4a13a575a4d3ad0ec729c59f9d20afc752052 (patch) | |
| tree | b4d6da4814efa20ce315491eda2718ab76a5992d /packages/docker/src | |
| parent | a4558a93093d71c55300a8c85a4a2cdc09814f5c (diff) | |
Fix library CVEs in SO
Fix additional CVEs:
berkeleydb
For CVE-2016-3418 CVE-2016-0694 CVE-2016-0689 CVE-2016-0682
commons-email
For CVE-2017-9801
jasypt
For CVE-2014-9970
jetty
For CVE-2017-9735
libxi
For CVE-2016-7946 CVE-2016-7945
netty
For CVE-2016-4970
xalan
For CVE-2014-0107
Issue-ID: SO-579
Change-Id: Ifbc606367f2553f28b10b8a9644ece7785de6405
Signed-off-by: chenying83 <chenying83@huawei.com>
Diffstat (limited to 'packages/docker/src')
| -rw-r--r-- | packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final | 48 |
1 files changed, 33 insertions, 15 deletions
diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final index 7b5f06ae98..bbb3d1e4bf 100644 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final +++ b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final @@ -54,22 +54,40 @@ RUN echo "deb http://archive.ubuntu.com/ubuntu/ artful main restricted" >> /etc/ # For CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 # libpcre3 2:8.39-5ubuntu3 # For CVE-2016-3191 CVE-2016-1283 +# berkeleydb +# For CVE-2016-3418 CVE-2016-0694 CVE-2016-0689 CVE-2016-0682 +# jetty +# For CVE-2017-9735 +# libxi +# For CVE-2016-7946 CVE-2016-7945 +# xalan +# For CVE-2014-0107 +# git +# For CVE-2017-14867 +# + USER root -RUN apt-get -y install \ - libkrb5-3=1.16-2build1 krb5-locales=1.16-2build1 \ - libvorbis0a=1.3.5-4ubuntu0.2 \ - libx11-6=2:1.6.4-3 libx11-data=2:1.6.4-3 libx11-doc=2:1.6.4-3 libx11-xcb1=2:1.6.4-3 \ - libxtst6=2:1.2.3-1 \ - ncurses-base=6.1-1ubuntu1 ncurses-bin=6.1-1ubuntu1 libncurses5=6.1-1ubuntu1 libncursesw5=6.1-1ubuntu1 \ - libsqlite3-0=3.22.0-1 \ - libtiff5=4.0.8-5ubuntu0.1 \ - passwd=1:4.5-1ubuntu1 \ - perl-base=5.26.0-8ubuntu1.1 \ - zlib1g=1:1.2.11.dfsg-0ubuntu2 \ - libexpat1=2.2.5-3 \ - libc-bin=2.26-0ubuntu2.1 libc6=2.26-0ubuntu2.1 \ - openssl=1.1.0g-2ubuntu4 \ - libpcre3=2:8.39-5ubuntu3 +RUN apt-get -y --only-upgrade install \ + libkrb5-3 krb5-locales \ + libvorbis0a \ + libx11-6 libx11-data libx11-doc libx11-xcb1 \ + libxtst6 \ + ncurses-base ncurses-bin libncurses5 libncursesw5 \ + libsqlite3-0 \ + libtiff5 \ + passwd \ + perl-base \ + openssl \ + zlib1g \ + libdb5.3 \ + libc-bin libc6 multiarch-support \ + libxi6 \ + libpcre3 \ + expat \ + jetty9 \ + xalan \ + git + RUN apt-get install -y netcat curl && curl -LO https://packages.chef.io/files/stable/chefdk/2.5.3/ubuntu/16.04/chefdk_2.5.3-1_amd64.deb && curl -LO http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.5.4/mariadb-java-client-1.5.4.jar && apt-get remove --purge -y curl && apt-get autoremove -y |