Skip to content

Commit 36f79ee

Browse files
Upgrade Alpine base image to 3.22 to fix OpenSSL CVE (#727)
Updates deployment-operator Dockerfile FROM alpine:3.21 to alpine:3.22 to address OpenSSL vulnerability (CVE: NULL pointer dereference in CMS EnvelopedData processing). This upgrade brings libcrypto3 from 3.3.6-r0 to 3.5.6-r0, which includes the required security fix (3.3.7-r0+) for the vulnerability affecting CMS_decrypt() operations on untrusted input. Verified: Docker build successful with libcrypto3 3.5.6-r0 installed. Co-authored-by: Michael Guarino <mjg@plural.sh>
1 parent ae8db82 commit 36f79ee

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ RUN curl -L https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz
2828
mv linux-${TARGETARCH}/helm /usr/local/bin/helm && \
2929
chmod +x /usr/local/bin/helm
3030

31-
FROM alpine:3.21
31+
FROM alpine:3.22
3232
WORKDIR /workspace
3333

3434
# Upgrade all packages to get the latest security fixes

0 commit comments

Comments
 (0)