Skip to content
This repository has been archived by the owner on Oct 12, 2023. It is now read-only.

Commit

Permalink
security: fix CVE-2021-37750 (#1178)
Browse files Browse the repository at this point in the history 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
  • Loading branch information
@aramase
aramase committed Oct 11, 2021
1 parent f547579 commit 1d572f1
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,8 @@ RUN export GOOS=$TARGETOS && \

FROM k8s.gcr.io/build-image/debian-iptables:bullseye-v1.0.0 AS nmi
# upgrading libssl1.1 due to CVE-2021-3711 and CVE-2021-3712
RUN clean-install ca-certificates libssl1.1
# upgrading libgssapi-krb5-2 and libk5crypto3 due to CVE-2021-37750
RUN clean-install ca-certificates libssl1.1 libgssapi-krb5-2 libk5crypto3
COPY --from=builder /go/src/github.com/Azure/aad-pod-identity/bin/aad-pod-identity/nmi /bin/
RUN useradd -u 10001 nonroot
USER nonroot
Expand Down

0 comments on commit 1d572f1

Please sign in to comment.