security: fix CVEs

aramase · aramase · commit 78d25074920e · 2022-03-28T17:38:41.000Z
- upgrading libc-bin due to CVE-2021-33574, CVE-2022-23218, CVE-2022-23219 and CVE-2021-43396 - upgrading libc6 due to CVE-2021-33574, CVE-2022-23218, CVE-2022-23219 and CVE-2021-43396 - upgrading libsystemd0 due to CVE-2021-3997 - upgrading libudev1 due to CVE-2021-3997 Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -31,7 +31,11 @@ COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets
 # upgrading libgmp10 due to CVE-2021-43618
 # upgrading bsdutils due to CVE-2021-3995 and CVE-2021-3996
 # upgrading libssl1.1 due to CVE-2022-0778 and CVE-2021-4160
-RUN clean-install ca-certificates mount libgmp10 bsdutils libssl1.1
+# upgrading libc-bin due to CVE-2021-33574, CVE-2022-23218, CVE-2022-23219 and CVE-2021-43396
+# upgrading libc6 due to CVE-2021-33574, CVE-2022-23218, CVE-2022-23219 and CVE-2021-43396
+# upgrading libsystemd0 due to CVE-2021-3997
+# upgrading libudev1 due to CVE-2021-3997
+RUN clean-install ca-certificates mount libgmp10 bsdutils libssl1.1 libc-bin libc6 libsystemd0 libudev1
 
 LABEL maintainers="ritazh"
 LABEL description="Secrets Store CSI Driver"
