[FOLIO-3523] Fix Out-of-bounds Read in folio-ansible stripes Dockerfile Created: 21/Jun/22 Updated: 25/Jul/22 Resolved: 25/Jul/22 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | Continuous Integration |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | P2 |
| Reporter: | Julian Ladisch | Assignee: | John Malconian |
| Resolution: | Done | Votes: | 0 |
| Labels: | reviewed, security, security-reviewed | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Sprint: | DevOps Sprint 144, DevOps Sprint 142, DevOps Sprint 145 |
| Development Team: | FOLIO DevOps |
| RCA Group: | TBD |
| Description |
|
nginx:stable-alpine in https://github.com/folio-org/folio-ansible/blob/master/roles/stripes-docker/templates/Dockerfile.j2 contains pcre2/pcre2@10.39-r0 that has Out-of-bounds Read vulnerabilities. A fix is available: pcre2/pcre2@10.40-r0. However, nginx:stable-alpine doesn't immediately get security fixes (https://github.com/nginxinc/docker-nginx/issues/671). Therefore RUN apk --no-cache upgrade is needed. |
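A build-time check for the condition this ticket describes, as an added example (not code from folio-ansible): it reads an `apk info -v` style package listing and fails when pcre2 is older than 10.40-r0. The function names and the sample listings are constructed for illustration, and the version comparison handles only numeric versions with an -rN revision.

```shell
# Added example: gate an image on the pcre2 version named in the ticket.
FIXED_PCRE2="10.40-r0"

# ver_ge A B: succeed when version A >= B. Assumption: only numeric dotted
# versions with an -rN revision (e.g. 10.40-r0), not full Alpine syntax.
ver_ge() {
    a=$(printf '%s' "$1" | sed 's/-r/./')
    b=$(printf '%s' "$2" | sed 's/-r/./')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# pcre2_version: read name-version lines on stdin and print the version
# of the pcre2 package only (not pcre, not pcre2-dev).
pcre2_version() {
    sed -n 's/^pcre2-\([0-9][0-9.]*-r[0-9][0-9]*\)$/\1/p' | head -n 1
}

# check_image_packages: 0 = pcre2 absent or fixed, 1 = older pcre2 present.
check_image_packages() {
    v=$(pcre2_version)
    [ -z "$v" ] && return 0
    ver_ge "$v" "$FIXED_PCRE2"
}

# Constructed sample listings (not taken from a real image).
BEFORE_UPGRADE='musl-1.2.3-r0
pcre-8.45-r2
pcre2-10.39-r0
nginx-1.22.0-r1'
AFTER_UPGRADE='musl-1.2.3-r0
pcre-8.45-r2
pcre2-10.40-r0
nginx-1.22.0-r1'

report() {  # report LABEL LISTING
    if printf '%s\n' "$2" | check_image_packages; then
        echo "$1: ok"
    else
        echo "$1: pcre2 older than $FIXED_PCRE2; rebuild with RUN apk --no-cache upgrade"
    fi
}
report before "$BEFORE_UPGRADE"
report after "$AFTER_UPGRADE"
```

In a pipeline the listing would come from the built image rather than from the constructed variables.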
| Comments |
| Comment by John Malconian [ 25/Jul/22 ] |
|
PR tested and merged. |