From 56a2a1c6c9dd3595da79a632e122d9cf5cf4787b Mon Sep 17 00:00:00 2001
From: Robert Hebel <robert.hebel@smartbear.com>
Date: Tue, 7 Apr 2026 09:08:03 +0200
Subject: [PATCH] fix(docker): bump libpng and zlib versions to fix
 CVE-2026-33416, CVE-2026-33636 and CVE-2026-22184

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d8d931a9323..2003b32a299 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
 # We don't declare them here — take a look at our docs.
 # https://github.com/swagger-api/swagger-ui/blob/master/docs/usage/configuration.md
 
-FROM nginx:1.29.6-alpine
+FROM nginx:1.29.7-alpine
 
 LABEL maintainer="vladimir.gorej@gmail.com" \
       org.opencontainers.image.authors="vladimir.gorej@gmail.com" \
@@ -11,7 +11,7 @@ LABEL maintainer="vladimir.gorej@gmail.com" \
       org.opencontainers.image.description="SwaggerUI Docker image" \
       org.opencontainers.image.licenses="Apache-2.0"
 
-RUN apk add --update-cache --no-cache "nodejs" "libxml2>=2.13.9-r0" "libexpat>=2.7.2-r0" "libxslt>=1.1.42-r2" "xz-libs>=5.6.3-r1" "c-ares>=1.34.5-r0"
+RUN apk add --update-cache --no-cache "nodejs" "libxml2>=2.13.9-r0" "libexpat>=2.7.2-r0" "libxslt>=1.1.42-r2" "xz-libs>=5.6.3-r1" "c-ares>=1.34.5-r0" "libpng>=1.6.56-r0" "zlib>=1.3.2-r0"
 
 LABEL maintainer="char0n"