larryh/corso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
corso/website/Dockerfile
InfraOwner 3684aa1c6a
[Snyk] Security upgrade ubuntu from mantic-20231011 to 23.10 (#4788) 
<p>This PR was automatically created by Snyk using the credentials of a real user.</p><br />Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

#### Changes included in this PR 


- website/Dockerfile

We recommend upgrading to `ubuntu:23.10`, as this image has only 8 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.



Some of the most important vulnerabilities in your base image include:

| Severity                                                                                                                 | Priority Score / 1000  | Issue                                                                     | Exploit Maturity      |
| :------:                                                                                                                 | :--------------------  | :----                                                                     | :---------------      |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | **586**  | CVE-2023-5981 <br/>[SNYK-UBUNTU2310-GNUTLS28-6069047](https://snyk.io/vuln/SNYK-UBUNTU2310-GNUTLS28-6069047)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | **586**  | CVE-2023-47038 <br/>[SNYK-UBUNTU2310-PERL-6085371](https://snyk.io/vuln/SNYK-UBUNTU2310-PERL-6085371)   | No Known Exploit   |
| ![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity")   | **364**  | Out-of-bounds Write <br/>[SNYK-UBUNTU2310-PROCPS-5972730](https://snyk.io/vuln/SNYK-UBUNTU2310-PROCPS-5972730)   | No Known Exploit   |
| ![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity")   | **364**  | Out-of-bounds Write <br/>[SNYK-UBUNTU2310-PROCPS-5972730](https://snyk.io/vuln/SNYK-UBUNTU2310-PROCPS-5972730)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | **371**  | CVE-2023-39804 <br/>[SNYK-UBUNTU2310-TAR-6096092](https://snyk.io/vuln/SNYK-UBUNTU2310-TAR-6096092)   | No Known Exploit   |



---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI5NjQ5YzkwMi05YWUxLTQyNTYtYTU3OS0xMmJmNWVlNGE3MzAiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6Ijk2NDljOTAyLTlhZTEtNDI1Ni1hNTc5LTEyYmY1ZWU0YTczMCJ9fQ==" width="0" height="0"/>
🧐 [View latest project report](https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source&#x3D;github-enterprise&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)

🛠 [Adjust project settings](https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source&#x3D;github-enterprise&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)

[//]: # 'snyk:metadata:{"prId":"9649c902-9ae1-4256-a579-12bf5ee4a730","prPublicId":"9649c902-9ae1-4256-a579-12bf5ee4a730","dependencies":[{"name":"ubuntu","from":"mantic-20231011","to":"23.10"}],"packageManager":"dockerfile","projectPublicId":"be35e6c9-5393-4702-af3c-f4aebb53488e","projectUrl":"https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source=github-enterprise&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-UBUNTU2310-GNUTLS28-6069047","SNYK-UBUNTU2310-PERL-6085371","SNYK-UBUNTU2310-TAR-6096092","SNYK-UBUNTU2310-PROCPS-5972730"],"upgrade":["SNYK-UBUNTU2310-GNUTLS28-6069047","SNYK-UBUNTU2310-PERL-6085371","SNYK-UBUNTU2310-PROCPS-5972730","SNYK-UBUNTU2310-PROCPS-5972730","SNYK-UBUNTU2310-TAR-6096092"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[586,586,371,364],"remediationStrategy":"vuln"}'

---

**Learn how to fix vulnerabilities with free interactive lessons:**

 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc&#x3D;fix-pr)
2023-12-05 04:19:06 +00:00

33 lines
1.4 KiB
Docker
Raw Blame History

FROM ubuntu:23.10
LABEL MAINTAINER="Niraj Tolia"
ARG DEBIAN_FRONTEND=noninteractive
# NOTE for lines 17,19: update in CI when updating
RUN apt-get -y update && apt-get -y install gpg curl git make ca-certificates gnupg unzip \
&& mkdir -p /etc/apt/keyrings \
&& curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
&& echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list \
&& apt-get update \
&& apt-get -y install nodejs \
&& apt-get autoclean \
&& node --version \
&& npm --version \
&& arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/64-bit/) \
&& cd /tmp && curl -O -L https://github.com/errata-ai/vale/releases/download/v2.20.1/vale_2.20.1_Linux_${arch}.tar.gz \
&& tar -xvzf vale_2.20.1_Linux_${arch}.tar.gz -C /usr/bin vale \
&& npm install -g markdownlint-cli@0.32.2 \
&& curl "https://awscli.amazonaws.com/awscli-exe-linux-$(arch).zip" -o "awscliv2.zip" \
&& unzip awscliv2.zip && /bin/bash aws/install && rm -rf awscliv2.zip aws
WORKDIR /usr/src
COPY package.json package-lock.json* ./
RUN npm ci \
&& npm cache clean --force \
&& rm -f package.json package-lock.json*
ENV PATH /usr/src/node_modules/.bin:$PATH
WORKDIR /usr/src/website
CMD ["npm", "start", "--", "--host", "0.0.0.0"]
Reference in New Issue View Git Blame Copy Permalink