[FOLIO-3523] Fix Out-of-bounds Read in folio-ansible stripes Dockerfile
Created: 21/Jun/22  Updated: 25/Jul/22  Resolved: 25/Jul/22

Status: Closed
Project: FOLIO
Components: Continuous Integration
Affects versions: None
Fix versions: None

Type: Bug
Priority: P2
Reporter: Julian Ladisch
Assignee: John Malconian
Resolution: Done
Votes: 0
Labels: reviewed, security, security-reviewed
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Sprint: DevOps Sprint 144, DevOps Sprint 142, DevOps Sprint 145
Development Team: FOLIO DevOps
RCA Group: TBD

 Description   

nginx:stable-alpine in https://github.com/folio-org/folio-ansible/blob/master/roles/stripes-docker/templates/Dockerfile.j2 contains

pcre2/pcre2@10.39-r0

that has Out-of-bounds Read vulnerabilities:

A fix is available:

pcre2/pcre2@10.40-r0

However, nginx:stable-alpine doesn't immediately get security fixes: https://github.com/nginxinc/docker-nginx/issues/671

Therefore RUN apk --no-cache upgrade is needed.
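
A CI check for the fix described in this ticket, as an added example that is not part of the ticket or the folio-ansible repository: it reads a package listing in the name-version form that `apk info -v` prints and fails when pcre2 is older than 10.40-r0. The function names, the sample listings and the simplified version comparison are assumptions.

```shell
#!/bin/sh
# Added example (not from folio-ansible): CI gate for the pcre2 fix in this ticket.
FIXED="10.40-r0"          # fixed version named in the ticket

# ver_lt A B: succeeds when A is older than B. Simplified assumption: handles only
# numeric dotted versions with an -rN suffix, not apk's full version grammar.
ver_lt() {
    awk -v va="$1" -v vb="$2" '
        function cmp(a, b,    x, y, na, nb, n, i) {
            na = split(a, x, "."); nb = split(b, y, ".")
            n = (na > nb) ? na : nb
            for (i = 1; i <= n; i++) {
                if (x[i] + 0 < y[i] + 0) return -1
                if (x[i] + 0 > y[i] + 0) return 1
            }
            return 0
        }
        BEGIN {
            split(va, pa, "-r"); split(vb, pb, "-r")
            c = cmp(pa[1], pb[1])                 # upstream version first
            if (c == 0) c = cmp(pa[2], pb[2])     # then the Alpine release number
            exit ((c < 0) ? 0 : 1)
        }' </dev/null
}

# check_pkg NAME FIXED: reads a "name-version" listing on stdin and
# returns 1 if NAME is installed at a version older than FIXED.
check_pkg() {
    name=$1; fixed=$2; status=0
    while IFS= read -r line; do
        case $line in
            "$name"-[0-9]*)
                ver=${line#"$name"-}
                if ver_lt "$ver" "$fixed"; then
                    echo "FAIL $name $ver < $fixed (run: apk --no-cache upgrade)"
                    status=1
                else
                    echo "OK $name $ver"
                fi ;;
        esac
    done
    return $status
}

# Constructed sample listings; only the pcre2 versions come from the ticket.
BEFORE='musl-1.2.3-r0
pcre2-10.39-r0'
AFTER='musl-1.2.3-r0
pcre2-10.40-r0'
printf '%s\n' "$BEFORE" | check_pkg pcre2 "$FIXED" || true
printf '%s\n' "$AFTER" | check_pkg pcre2 "$FIXED"
```

In a pipeline the listing would come from the built image rather than from the sample variables, so the build fails if the upgrade step is missing or the base image regresses.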



 Comments   
Comment by John Malconian [ 25/Jul/22 ]

PR tested and merged.
