From: Petri Ovaska Date: Thu, 26 Aug 2021 13:20:53 +0000 (+0300) Subject: Fix DBAAS (alpine3.11) vulnerabilities found in package apk-tools X-Git-Tag: 0.5.3^0 X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=d4949b48aebbd2ab7b86c77cd9c2d6afd1ab70f0;p=ric-plt%2Fdbaas.git Fix DBAAS (alpine3.11) vulnerabilities found in package apk-tools CRITICAL apk-tools (fixed in: 2.10.7-r0) CVE-2021-36159 HIGH apk-tools (fixed in: 2.10.6-r0) CVE-2021-30139 Upgrading apk-tools 2.10.5-r0 -> 2.10.8-r0 in Alpine 3.11 image. Issue-Id: RIC-828 Change-Id: I274e18254bdae7784ed1e25e5469bd09b7b43cc5 Signed-off-by: Petri Ovaska --- diff --git a/container-tag.yaml b/container-tag.yaml index 8b64fad..e5cc37b 100644 --- a/container-tag.yaml +++ b/container-tag.yaml @@ -2,4 +2,4 @@ # This file is expected to be in the docker build directory; # can be moved with suitable JJB configuration. --- -tag: '0.5.2' +tag: '0.5.3' diff --git a/docker/Dockerfile.redis b/docker/Dockerfile.redis index 50ffeea..bf13ec4 100644 --- a/docker/Dockerfile.redis +++ b/docker/Dockerfile.redis @@ -73,7 +73,12 @@ RUN ./autogen.sh && \ FROM redis:5.0.9-alpine3.11 as build -RUN apk --update add --upgrade --no-cache openssl ssl_client musl-utils busybox +RUN apk --update add --upgrade --no-cache \ + apk-tools \ + openssl \ + ssl_client \ + musl-utils \ + busybox COPY --from=build-env /usr/local/libexec/redismodule/libredismodule.so /usr/local/libexec/redismodule/libredismodule.so WORKDIR /data diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 37ecb2d..23da65d 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -30,6 +30,10 @@ This document provides the release notes of the dbaas. Version history --------------- +[0.5.3] - 2021-08-26 + +* Upgrade apk-tools to fix security vulnerabilities CVE-2021-36159 and CVE-2021-30139. + [0.5.2] - 2021-06-04 * Upgrade packages to fix possible security vulnerability reported in Alpine base image.
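Review bot: In docker/Dockerfile.redis, the new `apk-tools` entry in the `apk --update add --upgrade --no-cache` list has no version constraint, so nothing in the build enforces the 2.10.8-r0 level named in the commit message, or even the 2.10.7-r0 minimum given for CVE-2021-36159. The result depends on whatever the Alpine 3.11 repository serves at build time. Consider writing the entry as `'apk-tools>=2.10.7-r0'` so the build fails instead of silently shipping an older package. Also note that this single invocation still fetches all five packages with the base image's apk-tools 2.10.5-r0; upgrading `apk-tools` in its own `apk add` ahead of the other four would have the rest fetched by the fixed version.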
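Review bot: In docs/release-notes.rst, the new [0.5.3] entry lists CVE-2021-36159 and CVE-2021-30139 but not the apk-tools version that resolves them. Adding the 2.10.5-r0 -> 2.10.8-r0 upgrade from the commit message to the bullet (for example "Upgrade apk-tools to 2.10.8-r0 to fix ...") would let a reader verify a deployed image against the release notes without looking up the commit.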