From 95c779772dc3d720b03cd26cf5382986b2639631 Mon Sep 17 00:00:00 2001 From: Konrad-Pomian Date: Wed, 4 Dec 2024 09:39:15 +0100 Subject: [PATCH] Fix vulnerabilities in amd64_agbot image Signed-off-by: Konrad-Pomian --- anax-in-container/Dockerfile_agbot.ubi | 1 + go.mod | 2 +- go.sum | 4 ++-- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/anax-in-container/Dockerfile_agbot.ubi b/anax-in-container/Dockerfile_agbot.ubi index a77ecc1f0..38c101306 100644 --- a/anax-in-container/Dockerfile_agbot.ubi +++ b/anax-in-container/Dockerfile_agbot.ubi @@ -13,6 +13,7 @@ LABEL description="The Agbot scans all the edge nodes in the system initiating d ARG REQUIRED_RPMS="openssl ca-certificates shadow-utils jq iptables vim-minimal psmisc procps-ng gettext" RUN microdnf update -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager \ && microdnf install -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager ${REQUIRED_RPMS} \ + && microdnf upgrade -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager krb5-libs \ && microdnf clean all --disableplugin=subscription-manager \ && rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* \ && mkdir -p /licenses /usr/horizon/bin /usr/horizon/web /var/horizon/msgKey \ diff --git a/go.mod b/go.mod index f5dd6c5fa..511607216 100644 --- a/go.mod +++ b/go.mod @@ -129,7 +129,7 @@ require ( golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.16.1 // indirect google.golang.org/appengine v1.6.8 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect gotest.tools/v3 v3.4.0 // indirect diff --git a/go.sum b/go.sum index 237b2f109..0391248f3 100644 --- a/go.sum +++ b/go.sum @@ -340,8 +340,8 @@ google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAs google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=