diff --git a/rstudio/c9s-python-3.11/Dockerfile.cpu b/rstudio/c9s-python-3.11/Dockerfile.cpu index da40bbf646..3c715da7d3 100644 --- a/rstudio/c9s-python-3.11/Dockerfile.cpu +++ b/rstudio/c9s-python-3.11/Dockerfile.cpu @@ -11,6 +11,10 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]" # OS Packages needs to be installed as root USER root +# upgrade first to avoid fixable vulnerabilities +RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \ + && dnf clean all -y + # Install useful OS packages RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum diff --git a/rstudio/c9s-python-3.11/Dockerfile.cuda b/rstudio/c9s-python-3.11/Dockerfile.cuda index ca6fedf4b8..89a0d8852b 100644 --- a/rstudio/c9s-python-3.11/Dockerfile.cuda +++ b/rstudio/c9s-python-3.11/Dockerfile.cuda @@ -11,6 +11,10 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]" # OS Packages needs to be installed as root USER root +# upgrade first to avoid fixable vulnerabilities +RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \ + && dnf clean all -y + # Install useful OS packages RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum diff --git a/rstudio/rhel9-python-3.11/Dockerfile.cpu b/rstudio/rhel9-python-3.11/Dockerfile.cpu index aedf9c3733..5d46cfbe88 100644 --- a/rstudio/rhel9-python-3.11/Dockerfile.cpu +++ b/rstudio/rhel9-python-3.11/Dockerfile.cpu @@ -11,6 +11,10 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]" # OS Packages needs to be installed as root USER root +# upgrade first to avoid fixable vulnerabilities +RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \ + && dnf clean all -y + # Install useful OS packages RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum diff --git a/rstudio/rhel9-python-3.11/Dockerfile.cuda b/rstudio/rhel9-python-3.11/Dockerfile.cuda index ed589331bb..9968162729 100644 --- a/rstudio/rhel9-python-3.11/Dockerfile.cuda +++ b/rstudio/rhel9-python-3.11/Dockerfile.cuda @@ -11,6 +11,10 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]" # OS Packages needs to be installed as root USER root +# upgrade first to avoid fixable vulnerabilities +RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \ + && dnf clean all -y + # Install useful OS packages RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum