Merge pull request #394 from andyzhangx/libgmp10

andyzhangx · web-flow · commit 807ec94f3151 · 2021-12-21T12:02:26.000+08:00
fix: CVE-2021-43618 in Ubuntu image
diff --git a/.github/workflows/pluto.yaml b/.github/workflows/pluto.yaml
@@ -1,4 +1,4 @@
-name: apiVersion deprecation test
+name: k8s api version check
 on:
     pull_request: {}
     push: {}
@@ -13,6 +13,7 @@ jobs:
     - name: Checkout
       uses: actions/checkout@v2
 
+    # https://pluto.docs.fairwinds.com/advanced/#display-options
     - name: Download pluto
       uses: FairwindsOps/pluto/github-action@master
 
diff --git a/pkg/smbplugin/Dockerfile b/pkg/smbplugin/Dockerfile
@@ -17,7 +17,7 @@ FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.0.0
 RUN apt update && apt-mark unhold libcap2
 RUN clean-install ca-certificates cifs-utils util-linux e2fsprogs mount udev xfsprogs
 # install updated packages to fix CVE issues
-RUN clean-install libssl1.1 libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0
+RUN clean-install libssl1.1 libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0 libgmp10
 
 LABEL maintainers="andyzhangx"
 LABEL description="SMB CSI Driver"
