fix(deps): bump alpine from 3.14.2 to 3.15.4 in /alpine (#114)

* fix(deps): bump alpine from 3.14.2 to 3.15.4 in /alpine Bumps alpine from 3.14.2 to 3.15.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix: Package versions Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lukas Holota <lholota@vistaprint.com> Co-authored-by: LH <l.holota@outlook.com>
homecentr · May 2, 2022 · e63c98d · e63c98d
1 parent 8d25e44
commit e63c98d
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/alpine/Dockerfile b/alpine/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.14.2
+FROM alpine:3.15.4
 
 LABEL maintainer="Lukas Holota <me@lholota.com>"
 
@@ -14,10 +14,10 @@ RUN tar xzf /tmp/s6-overlay-${CPU_ARCH}.tar.gz -C / && \
     # These packages are included in the base image. They are explicitly upgrade to vulnerabilities below
     apk add --no-cache \
         # CVE-2021-36159
-        apk-tools=2.12.7-r0 \
+        apk-tools=2.12.7-r3 \
         # CVE-2021-3711, CVE-2021-3712
-        libssl1.1=1.1.1l-r0 && \
-    apk add --no-cache shadow=4.8.1-r0 && \
+        libssl1.1=1.1.1n-r0 \
+        shadow=4.8.1-r1 && \
     rm /tmp/s6-overlay-${CPU_ARCH}.tar.gz
 
 COPY ./fs /