Update libsasl in both ubuntu/ubi toolkit images to address CVE-2022-24407

.common-ci.yml

@@ -42,11 +42,12 @@ stages:
 .dist-centos7:
   variables:
     DIST: centos7
-    CVE_UPDATES: "nss"
+    CVE_UPDATES: "cyrus-sasl-lib"
 
 .dist-centos8:
   variables:
     DIST: centos8
+    CVE_UPDATES: "cyrus-sasl-lib"
 
 .dist-debian10:
   variables:
@@ -63,6 +64,7 @@ stages:
 .dist-ubi8:
   variables:
     DIST: ubi8
+    CVE_UPDATES: "cyrus-sasl-lib"
 
 .dist-ubuntu16.04:
   variables:
@@ -71,6 +73,7 @@ stages:
 .dist-ubuntu18.04:
   variables:
     DIST: ubuntu18.04
+    CVE_UPDATES: "libsasl2-2 libsasl2-modules-db"
 
 .dist-packaging:
   variables:

build/container/Dockerfile.ubuntu

@@ -92,4 +92,11 @@ LABEL description="See summary"
 
 COPY ./LICENSE /licenses/LICENSE
 
+# Install / upgrade packages here that are required to resolve CVEs
+ARG CVE_UPDATES
+RUN if [ -n "${CVE_UPDATES}" ]; then \
+        apt-get update && apt-get upgrade -y ${CVE_UPDATES} && \
+        rm -rf /var/lib/apt/lists/*; \
+    fi
+
 ENTRYPOINT ["/work/nvidia-toolkit"]