From 89056d358c1113b8a6c0d682e39cf6861a7bb498 Mon Sep 17 00:00:00 2001
From: Rene Leonhardt <65483435+reneleonhardt@users.noreply.github.com>
Date: Fri, 17 Nov 2023 10:03:16 +0100
Subject: [PATCH] Don't wait for alpine to build image with security fixes

---
 Dockerfile | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index f8952c09..d3f8e6c1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,7 +26,13 @@ LABEL revision=$PRODUCT_REVISION
 ARG UID=100
 ARG GID=1000
 # Create a non-root user to run the software.
-RUN addgroup -g ${GID} ${BIN_NAME} \
+# Install security updates not included in alpine:3.18.4.
+# libcrypto3: CVE-2023-5363 CVE-2023-5678
+# libssl3: CVE-2023-5363 CVE-2023-5678
+RUN apk --no-cache upgrade \
+    libcrypto3 \
+    libssl3 \
+    && addgroup -g ${GID} ${BIN_NAME} \
     && adduser -u ${UID} -S -G ${BIN_NAME} ${BIN_NAME}
 
 # where the build system stores the builds