larryh/corso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
corso/docker/Dockerfile
InfraOwner 0558ceaf41
[Snyk] Security upgrade ubuntu from latest to 22.10 (#3159) 
<p>This PR was automatically created by Snyk using the credentials of a real user.</p><br />Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

#### Changes included in this PR 


- docker/Dockerfile

We recommend upgrading to `ubuntu:22.10`, as this image has only 7 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.



Some of the most important vulnerabilities in your base image include:

| Severity                                                                                                           | Issue                                                                     | Exploit Maturity      |
| :------:                                                                                                           | :----                                                                     | :---------------      |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | Integer Overflow or Wraparound <br/>[SNYK-UBUNTU2204-KRB5-3126899](https://snyk.io/vuln/SNYK-UBUNTU2204-KRB5-3126899)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | Integer Overflow or Wraparound <br/>[SNYK-UBUNTU2204-KRB5-3126899](https://snyk.io/vuln/SNYK-UBUNTU2204-KRB5-3126899)   | No Known Exploit   |
| ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity")   | Access of Resource Using Incompatible Type (&#x27;Type Confusion&#x27;) <br/>[SNYK-UBUNTU2204-OPENSSL-3314792](https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-3314792)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | CVE-2022-4415 <br/>[SNYK-UBUNTU2204-SYSTEMD-3180311](https://snyk.io/vuln/SNYK-UBUNTU2204-SYSTEMD-3180311)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | Out-of-bounds Read <br/>[SNYK-UBUNTU2204-TAR-3261138](https://snyk.io/vuln/SNYK-UBUNTU2204-TAR-3261138)   | No Known Exploit   |



---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJlZmRlYTk2Yi1jZjgxLTQ4NjAtOTVhNC0wYzU4ZTcwZWI3N2EiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImVmZGVhOTZiLWNmODEtNDg2MC05NWE0LTBjNThlNzBlYjc3YSJ9fQ==" width="0" height="0"/>
🧐 [View latest project report](https://app.snyk.io/org/alcion/project/79a3dd06-1da0-4ec7-a75f-f901c70a6f83?utm_source&#x3D;github-enterprise&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)

🛠 [Adjust project settings](https://app.snyk.io/org/alcion/project/79a3dd06-1da0-4ec7-a75f-f901c70a6f83?utm_source&#x3D;github-enterprise&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)

[//]: # 'snyk:metadata:{"prId":"efdea96b-cf81-4860-95a4-0c58e70eb77a","prPublicId":"efdea96b-cf81-4860-95a4-0c58e70eb77a","dependencies":[{"name":"ubuntu","from":"latest","to":"22.10"}],"packageManager":"dockerfile","projectPublicId":"79a3dd06-1da0-4ec7-a75f-f901c70a6f83","projectUrl":"https://app.snyk.io/org/alcion/project/79a3dd06-1da0-4ec7-a75f-f901c70a6f83?utm_source=github-enterprise&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-UBUNTU2204-TAR-3261138","SNYK-UBUNTU2204-OPENSSL-3314792","SNYK-UBUNTU2204-KRB5-3126899","SNYK-UBUNTU2204-SYSTEMD-3180311"],"upgrade":["SNYK-UBUNTU2204-KRB5-3126899","SNYK-UBUNTU2204-KRB5-3126899","SNYK-UBUNTU2204-OPENSSL-3314792","SNYK-UBUNTU2204-SYSTEMD-3180311","SNYK-UBUNTU2204-TAR-3261138"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title"],"priorityScoreList":[null,null,null,null],"remediationStrategy":"vuln"}'

---

**Learn how to fix vulnerabilities with free interactive lessons:**

 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc&#x3D;fix-pr)
2023-04-21 04:32:57 +00:00

30 lines
457 B
Docker
Raw Blame History

# syntax=docker/dockerfile:1
# This dockerfile is able to make a quick, local image of corso.
# It is not used for deployments.
## Build
FROM golang:1.19 AS base
WORKDIR /src
COPY ./src/go.mod .
COPY ./src/go.sum .
RUN go mod download
COPY ./src .
FROM base AS build
ARG TARGETOS
ARG TARGETARCH
RUN GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /corso .
## Deploy
FROM ubuntu:22.10
COPY --from=build /corso /
USER nobody
ENTRYPOINT ["/corso"]
Reference in New Issue View Git Blame Copy Permalink