From f5fe0361e83bdf6230d0df6ad31ff6b2422bfbf0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 13 Apr 2021 20:56:41 +0000 Subject: [PATCH 1/4] fix: package/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356851 - https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356851 - https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356851 - https://snyk.io/vuln/SNYK-DEBIAN9-SYSTEMD-345390 - https://snyk.io/vuln/SNYK-DEBIAN9-SYSTEMD-546478 --- package/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100755 => 100644 package/Dockerfile diff --git a/package/Dockerfile b/package/Dockerfile old mode 100755 new mode 100644 index 9635f69..1b29ec5 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -19,7 +19,7 @@ # Note that fluentd is run with root permssion to allow access to # log files with root only access under /var/log/containers/* -FROM debian:stretch-slim +FROM debian:buster-20210329-slim ARG DEBIAN_FRONTEND=noninteractive From 84b1abf7d151ce927e85be07878826f37fafc5fa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 13 Apr 2021 21:03:04 +0000 Subject: [PATCH 2/4] fix: Dockerfile.dapper to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-UBUNTU1604-BASH-542609 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-346739 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-346739 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-346739 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-346739 --- Dockerfile.dapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.dapper b/Dockerfile.dapper index cf8a508..8529354 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,4 +1,4 @@ -FROM ubuntu:16.04 +FROM ubuntu:groovy-20210325 # FROM arm=armhf/ubuntu:16.04 ARG DAPPER_HOST_ARCH From ee89da641d605a135f93e586168b96bbc8af32e6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 24 Apr 2021 07:18:32 +0000 Subject: [PATCH 3/4] fix: Dockerfile.dapper to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-UBUNTU2010-BASH-1030916 - https://snyk.io/vuln/SNYK-UBUNTU2010-NETTLE-1090730 - https://snyk.io/vuln/SNYK-UBUNTU2010-NETTLE-1090730 - https://snyk.io/vuln/SNYK-UBUNTU2010-SYSTEMD-1032137 - https://snyk.io/vuln/SNYK-UBUNTU2010-SYSTEMD-1032137 --- Dockerfile.dapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.dapper b/Dockerfile.dapper index 8529354..be7960d 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,4 +1,4 @@ -FROM ubuntu:groovy-20210325 +FROM ubuntu:20.10 # FROM arm=armhf/ubuntu:16.04 ARG DAPPER_HOST_ARCH From 41dcfe25e517d0917f466a7d1b3ad6b89e607264 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 29 Apr 2021 05:57:03 +0000 Subject: [PATCH 4/4] fix: Dockerfile.dapper to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-UBUNTU2010-BASH-1030916 - https://snyk.io/vuln/SNYK-UBUNTU2010-SHADOW-1028989 - https://snyk.io/vuln/SNYK-UBUNTU2010-SHADOW-1028989 - https://snyk.io/vuln/SNYK-UBUNTU2010-SYSTEMD-1032137 - https://snyk.io/vuln/SNYK-UBUNTU2010-SYSTEMD-1032137 --- Dockerfile.dapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.dapper b/Dockerfile.dapper index be7960d..028b86c 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,4 +1,4 @@ -FROM ubuntu:20.10 +FROM ubuntu:devel # FROM arm=armhf/ubuntu:16.04 ARG DAPPER_HOST_ARCH