From 2e4bd5730bc833306c18ea3a549c5e31b483d978 Mon Sep 17 00:00:00 2001
From: shuairan <S.Riedinger@gmail.com>
Date: Tue, 23 Feb 2016 19:15:48 +0100
Subject: [PATCH 1/2] update glibc to 2.23-r1 (fixes CVE-2015-7547)

---
 deploy/Dockerfile | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/deploy/Dockerfile b/deploy/Dockerfile
index 3971b04f8b..1cb9908445 100644
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -1,12 +1,14 @@
 FROM alpine:3.2
 MAINTAINER dengnan@google.com vmarmol@google.com vishnuk@google.com jimmidyson@gmail.com
 
+ENV GLIBC_VERSION "2.23-r1"
+
 RUN apk add --update ca-certificates device-mapper && \
-    wget https://circle-artifacts.com/gh/andyshinn/alpine-pkg-glibc/8/artifacts/0/home/ubuntu/alpine-pkg-glibc/packages/x86_64/glibc-2.21-r2.apk && \
-    wget https://circle-artifacts.com/gh/andyshinn/alpine-pkg-glibc/8/artifacts/0/home/ubuntu/alpine-pkg-glibc/packages/x86_64/glibc-bin-2.21-r2.apk && \
-    apk add --allow-untrusted glibc-2.21-r2.apk glibc-bin-2.21-r2.apk && \
+    wget https://github.com/andyshinn/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk && \
+    wget https://github.com/andyshinn/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-bin-${GLIBC_VERSION}.apk && \
+    apk add --allow-untrusted glibc-${GLIBC_VERSION}.apk glibc-bin-${GLIBC_VERSION}.apk && \
     apk add zfs-utils  --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted  && \
-    /usr/glibc/usr/bin/ldconfig /lib /usr/glibc/usr/lib && \
+    /usr/glibc-compat/sbin/ldconfig /lib /usr/glibc/usr/lib && \
     echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf && \
     rm -rf /var/cache/apk/*
 

From fc8cc89121485d960d3952dafca609c32b85ca17 Mon Sep 17 00:00:00 2001
From: shuairan <S.Riedinger@gmail.com>
Date: Tue, 23 Feb 2016 19:38:19 +0100
Subject: [PATCH 2/2] fixed ldconfigs glibc path

---
 deploy/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/Dockerfile b/deploy/Dockerfile
index 1cb9908445..e1ebd88c24 100644
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -8,7 +8,7 @@ RUN apk add --update ca-certificates device-mapper && \
     wget https://github.com/andyshinn/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-bin-${GLIBC_VERSION}.apk && \
     apk add --allow-untrusted glibc-${GLIBC_VERSION}.apk glibc-bin-${GLIBC_VERSION}.apk && \
     apk add zfs-utils  --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted  && \
-    /usr/glibc-compat/sbin/ldconfig /lib /usr/glibc/usr/lib && \
+    /usr/glibc-compat/sbin/ldconfig /lib /usr/glibc-compat/lib && \
     echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf && \
     rm -rf /var/cache/apk/*