From 94077a62092b5a0509cd5f6304d6e335298136ee Mon Sep 17 00:00:00 2001
From: Anish Ramasekar <anish.ramasekar@gmail.com>
Date: Tue, 9 Aug 2022 16:26:32 +0000
Subject: [PATCH] security: fix multiple CVEs

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
---
 docker/Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 51136037c..cc76f3ddc 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -28,7 +28,10 @@ RUN export GOOS=$TARGETOS && \
 
 FROM $BASEIMAGE
 COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi
-RUN clean-install ca-certificates mount
+# upgrading libtirpc-common due to CVE-2021-46828
+# upgrading libtirpc3 due to CVE-2021-46828
+# upgrading libgnutls30 due to CVE-2022-2509
+RUN clean-install ca-certificates mount libtirpc-common libtirpc3 libgnutls30
 
 LABEL maintainers="ritazh"
 LABEL description="Secrets Store CSI Driver"