Skip to content

Commit

Permalink
Fix Docker images vulnerabilities in server base image
Browse files Browse the repository at this point in the history 
Latest fixes for two newer vulnerabilities - urllib3, libc6.

- urllib3 - Previous commit contains fixes by removing stale package versions. However, vulnerability still exists which is unusual since locally run docker image doesn't contain vulnerable file path. Possibly, next commit resolves this by using latest image.

- libc6 - No remediation available when vulnerability was just found. Remediation is provided now which suggests upgrading all installed packages in base ubuntu image.
  • Loading branch information
Mahadik, Mukul Chandrakant authored and Mahadik, Mukul Chandrakant committed Oct 19, 2023
1 parent e9aae02 commit 3042893
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ RUN apt-get install -y -qq wget
# install jq to parse json within bash scripts
RUN apt-get install -y jq

RUN apt-get -y -qq update && apt-get -y -qq upgrade

# cleanup
RUN apt-get -y remove --purge build-essential
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
Expand Down

0 comments on commit 3042893

Please sign in to comment.