From ce8133d26e3ca26feda1a038738a8b82e8c6405a Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Mon, 11 Jul 2022 20:25:45 +0000 Subject: [PATCH] security: fix CVE-2021-4209 Signed-off-by: Anish Ramasekar --- docker/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 75f1d0fbc..403fab984 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -29,7 +29,8 @@ RUN export GOOS=$TARGETOS && \ FROM $BASEIMAGE COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi # upgrading gpgv due to CVE-2022-34903 -RUN clean-install ca-certificates mount gpgv +# upgrading libgnutls30 due to CVE-2021-4209 +RUN clean-install ca-certificates mount gpgv libgnutls30 LABEL maintainers="ritazh" LABEL description="Secrets Store CSI Driver"