Fix DBAAS (alpine3.11) vulnerabilities found in package apk-tools

 CRITICAL apk-tools (fixed in: 2.10.7-r0) CVE-2021-36159
 HIGH     apk-tools (fixed in: 2.10.6-r0) CVE-2021-30139

Upgrading apk-tools 2.10.5-r0 -> 2.10.8-r0 in Alpine 3.11 image.

Issue-Id: RIC-828

Change-Id: I274e18254bdae7784ed1e25e5469bd09b7b43cc5
Signed-off-by: Petri Ovaska <petri.ovaska@nokia.com>

diff --git a/container-tag.yaml b/container-tag.yaml
index 8b64fad..e5cc37b 100644 (file)
--- a/container-tag.yaml
+++ b/container-tag.yaml
@@ -2,4 +2,4 @@
 # This file is expected to be in the docker build directory;
 # can be moved with suitable JJB configuration.
 ---
-tag: '0.5.2'
+tag: '0.5.3'

diff --git a/docker/Dockerfile.redis b/docker/Dockerfile.redis
index 50ffeea..bf13ec4 100644 (file)
--- a/docker/Dockerfile.redis
+++ b/docker/Dockerfile.redis
@@ -73,7 +73,12 @@ RUN ./autogen.sh && \
 
 FROM redis:5.0.9-alpine3.11 as build
 
-RUN apk --update add --upgrade --no-cache openssl ssl_client musl-utils busybox
+RUN apk --update add --upgrade --no-cache \
+    apk-tools \
+    openssl \
+    ssl_client \
+    musl-utils \
+    busybox
 
 COPY --from=build-env /usr/local/libexec/redismodule/libredismodule.so /usr/local/libexec/redismodule/libredismodule.so
 WORKDIR /data

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 37ecb2d..23da65d 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -30,6 +30,10 @@ This document provides the release notes of the dbaas.
 Version history
 ---------------
 
+[0.5.3] - 2021-08-26
+
+* Upgrade apk-tools to fix security vulnerabilities CVE-2021-36159 and CVE-2021-30139.
+
 [0.5.2] - 2021-06-04
 
 * Upgrade packages to fix possible security vulnerability reported in Alpine base image.