From 36c729343bf53b1496a682ffcfc9c00f2d7f4e20 Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Tue, 9 Aug 2022 10:11:08 -0700 Subject: [PATCH] security: fix multiple CVEs (#522) Signed-off-by: Anish Ramasekar --- docker/proxy-init.Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docker/proxy-init.Dockerfile b/docker/proxy-init.Dockerfile index 809076e..4ae33a1 100644 --- a/docker/proxy-init.Dockerfile +++ b/docker/proxy-init.Dockerfile @@ -4,7 +4,9 @@ FROM --platform=${TARGETPLATFORM:-linux/amd64} ${BASEIMAGE} # upgrading gpgv due to CVE-2022-34903 # upgrading libgnutls30 due to CVE-2021-4209 -RUN clean-install ca-certificates gpgv libgnutls30 +# upgrading libtirpc-common due to CVE-2021-46828 +# upgrading libtirpc3 due to CVE-2021-46828 +RUN clean-install ca-certificates gpgv libgnutls30 libtirpc-common libtirpc3 COPY ./init/init-iptables.sh /bin/ RUN chmod +x /bin/init-iptables.sh # Kubernetes runAsNonRoot requires USER to be numeric