Skip to content

Commit

Permalink
security: fix CVE-2022-1271
Browse files Browse the repository at this point in the history 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
  • Loading branch information
@aramase
aramase committed Apr 19, 2022
1 parent c7d852f commit 28a14d2
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion docker/Dockerfile
View file
Expand Up @@ -29,7 +29,8 @@ RUN export GOOS=$TARGETOS && \
FROM $BASEIMAGE
COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi
# upgrading zlib1g due to CVE-2018-25032
RUN clean-install ca-certificates mount zlib1g
# upgrading gzip and liblzma5 due to CVE-2022-1271
RUN clean-install ca-certificates mount zlib1g gzip liblzma5

LABEL maintainers="ritazh"
LABEL description="Secrets Store CSI Driver"
Expand Down

0 comments on commit 28a14d2

Please sign in to comment.