From 2ba9ecc35e2637d4862f697bcd5e3f6569e60fe5 Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Tue, 19 Apr 2022 10:48:37 +0000 Subject: [PATCH] fix: CVE-2022-1271 in image build fix --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0929790a..0bdabb2c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.1.0 +FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.2.0 ARG ARCH ARG binary=./bin/${ARCH}/nfsplugin @@ -21,6 +21,6 @@ COPY ${binary} /nfsplugin RUN apt update && apt-mark unhold libcap2 RUN clean-install ca-certificates mount nfs-common netbase # install updated packages to fix CVE issues -RUN clean-install libgmp10 bsdutils libssl1.1 openssl libc6 libc-bin libsystemd0 libudev1 zlib1g +RUN clean-install zlib1g gzip liblzma5 ENTRYPOINT ["/nfsplugin"]