arno
/
kube-bench
mirror of https://github.com/aquasecurity/kube-bench.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update/upgrade Alpine before installing openssl (#981)

Browse Source 
Mitigating CVE-2021-3711 and CVE-2021-3712

Signed-off-by: Dave Hay <david_hay@uk.ibm.com>

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
pull/982/head
Dave Hay 3 years ago committed by GitHub
parent b238a18aaa
commit 6d758d2011
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File

3
Dockerfile
Unescape View File

@ -22,7 +22,8 @@ RUN apk --no-cache upgrade apk-tools
# Openssl is used by OpenShift tests
# https://github.com/aquasecurity/kube-bench/issues/535
RUN apk --no-cache add openssl
# Ensuring that we update/upgrade before installing openssl, to mitigate CVE-2021-3711 and CVE-2021-3712
RUN apk update && apk upgrade && apk --no-cache add openssl
# Add glibc for running oc command
RUN wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub

Write Preview
Loading…
Cancel
Save