This is an automated email from the ASF dual-hosted git repository. mmerli pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push: new dd359819b3a [fix] Upgrade Alpine packages at build time to fix CVE-2023-4236 (#22763) dd359819b3a is described below commit dd359819b3a1a54e196bc55a38a2265d3bbe9caa Author: Matteo Merli <mme...@apache.org> AuthorDate: Wed May 22 15:05:18 2024 -0700 [fix] Upgrade Alpine packages at build time to fix CVE-2023-4236 (#22763) --- docker/pulsar/Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docker/pulsar/Dockerfile b/docker/pulsar/Dockerfile index 5553f13b879..9d46dc97374 100644 --- a/docker/pulsar/Dockerfile +++ b/docker/pulsar/Dockerfile @@ -81,9 +81,8 @@ RUN apk add --no-cache \ procps \ curl -# Fix CVE-2024-2511 by upgrading to OpenSSL 3.1.4-r6 -# We can remove once new Alpine image is released -RUN apk upgrade --no-cache libssl3 libcrypto3 +# Upgrade all packages to get latest versions with security fixes +RUN apk upgrade --no-cache # Python dependencies