security: fix CVE-2022-2068

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
kubernetes-sigs · Jun 28, 2022 · c524aef · c524aef
1 parent b37cadc
commit c524aef
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -30,7 +30,7 @@ E2E_PROVIDER_IMAGE_NAME ?= e2e-provider
 # Release version is the current supported release for the driver
 # Update this version when the helm chart is being updated for release
 RELEASE_VERSION := v1.2.0
-IMAGE_VERSION ?= v1.2.0
+IMAGE_VERSION ?= v1.2.0.0
 
 # Use a custom version for E2E tests if we are testing in CI
 ifdef CI

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -29,7 +29,8 @@ RUN export GOOS=$TARGETOS && \
 FROM $BASEIMAGE
 COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi
 # upgrading dpkg due to CVE-2022-1664
-RUN clean-install ca-certificates mount dpkg
+# upgrading libssl1.1 due to CVE-2022-2068
+RUN clean-install ca-certificates mount dpkg libssl1.1
 
 LABEL maintainers="ritazh"
 LABEL description="Secrets Store CSI Driver"

diff --git a/docker/Makefile b/docker/Makefile
@@ -15,7 +15,7 @@
 REGISTRY?=docker.io/deislabs
 IMAGE_NAME=driver
 CRD_IMAGE_NAME=driver-crds
-IMAGE_VERSION?=v1.2.0
+IMAGE_VERSION?=v1.2.0.0
 BUILD_TIMESTAMP := $(shell date +%Y-%m-%d-%H:%M)
 BUILD_COMMIT := $(shell git rev-parse --short HEAD)
 IMAGE_TAG=$(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION)