From eec82d96f7451be2fb9ea4862b334784ca8b840e Mon Sep 17 00:00:00 2001 From: Isaiah Raya Date: Tue, 25 Feb 2025 11:08:22 -0800 Subject: [PATCH] fix: [NPM] [CVEs] Update NPM Linux Dockerfile to Fix Ubuntu Vulnerabilities (#3439) * updated npm linux dockerfile to run apt-get upgrade to fix ubuntu cves * updated to install specific packages --- npm/linux.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/npm/linux.Dockerfile b/npm/linux.Dockerfile index d139e0c3a4..c2d3ecdf5c 100644 --- a/npm/linux.Dockerfile +++ b/npm/linux.Dockerfile @@ -8,6 +8,6 @@ RUN CGO_ENABLED=0 go build -v -o /usr/local/bin/azure-npm -ldflags "-X main.vers FROM mcr.microsoft.com/mirror/docker/library/ubuntu:20.04 COPY --from=builder /usr/local/bin/azure-npm /usr/bin/azure-npm -RUN apt-get update && apt-get install -y iptables ipset ca-certificates && apt-get autoremove -y && apt-get clean +RUN apt-get update && apt-get install -y libc-bin=2.31-0ubuntu9.17 libc6=2.31-0ubuntu9.17 libtasn1-6=4.16.0-2ubuntu0.1 iptables ipset ca-certificates && apt-get autoremove -y && apt-get clean RUN chmod +x /usr/bin/azure-npm ENTRYPOINT ["/usr/bin/azure-npm", "start"]