Merge pull request #662 from andyzhangx/CVE-2022-1271

fix: CVE-2022-1271 in image build
kubernetes-sigs · Apr 19, 2022 · 4a4f210 · 4a4f210
2 parents eb96c79 + 1c91679
commit 4a4f210
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/blobplugin/Dockerfile b/pkg/blobplugin/Dockerfile
@@ -21,7 +21,7 @@ COPY ${binary} /blobplugin
 RUN apt update && apt-mark unhold libcap2
 RUN clean-install ca-certificates uuid-dev util-linux mount udev wget e2fsprogs nfs-common netbase
 # install updated packages to fix CVE issues
-RUN clean-install libgmp10 bsdutils libssl1.1 openssl libc-bin libsystemd0 zlib1g
+RUN clean-install libgmp10 bsdutils libssl1.1 openssl libc-bin libsystemd0 zlib1g gzip liblzma5
 RUN mkdir /blobfuse-proxy/
 COPY ./_output/blobfuse-proxy.deb /blobfuse-proxy/
 ARG ARCH=amd64