Update libsasl in both ubuntu/ubi toolkit images to address CVE-2022-24407

This commit is contained in:
Christopher Desiniotis 2022-03-16 17:41:21 +00:00
parent cf74d14504
commit e2d1d379d5
2 changed files with 11 additions and 1 deletions

View File

@ -42,11 +42,12 @@ stages:
.dist-centos7: .dist-centos7:
variables: variables:
DIST: centos7 DIST: centos7
CVE_UPDATES: "nss" CVE_UPDATES: "cyrus-sasl-lib"
.dist-centos8: .dist-centos8:
variables: variables:
DIST: centos8 DIST: centos8
CVE_UPDATES: "cyrus-sasl-lib"
.dist-debian10: .dist-debian10:
variables: variables:
@ -63,6 +64,7 @@ stages:
.dist-ubi8: .dist-ubi8:
variables: variables:
DIST: ubi8 DIST: ubi8
CVE_UPDATES: "cyrus-sasl-lib"
.dist-ubuntu16.04: .dist-ubuntu16.04:
variables: variables:
@ -71,6 +73,7 @@ stages:
.dist-ubuntu18.04: .dist-ubuntu18.04:
variables: variables:
DIST: ubuntu18.04 DIST: ubuntu18.04
CVE_UPDATES: "libsasl2-2 libsasl2-modules-db"
.dist-packaging: .dist-packaging:
variables: variables:

View File

@ -92,4 +92,11 @@ LABEL description="See summary"
COPY ./LICENSE /licenses/LICENSE COPY ./LICENSE /licenses/LICENSE
# Install / upgrade packages here that are required to resolve CVEs
ARG CVE_UPDATES
RUN if [ -n "${CVE_UPDATES}" ]; then \
apt-get update && apt-get upgrade -y ${CVE_UPDATES} && \
rm -rf /var/lib/apt/lists/*; \
fi
ENTRYPOINT ["/work/nvidia-toolkit"] ENTRYPOINT ["/work/nvidia-toolkit"]