From e5d9ea926850213152a8f70e47dbfa915d443d6e Mon Sep 17 00:00:00 2001
From: Dave Henderson
Date: Sat, 11 Nov 2023 19:40:23 -0500
Subject: Workaround for CVE-2023-5363 (#1908)
Signed-off-by: Dave Henderson
---
 .github/workflows/docker.yml | 2 +-
 Dockerfile | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 2b192cae..1b469acf 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -28,7 +28,7 @@ jobs:
 id: buildx
 uses: docker/setup-buildx-action@v3.0.0
 with:
- version: v0.10.4
+ version: v0.11.2
 driver-opts: |
 image=moby/buildkit:buildx-stable-1
 network=host
diff --git a/Dockerfile b/Dockerfile
index d4f3d474..cf66976d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4.3-labs
+# syntax=docker/dockerfile:1.6-labs
 FROM --platform=linux/amd64 golang:1.21-alpine AS build
 ARG TARGETOS
@@ -48,6 +48,9 @@ ARG TARGETVARIANT
 LABEL org.opencontainers.image.revision=$VCS_REF \
 org.opencontainers.image.source="https://github.com/hairyhenderson/gomplate"
+# tmp patch for CVE-2023-5363
+RUN apk upgrade --no-cache libcrypto3 libssl3
+
 COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=build /bin/gomplate_${TARGETOS}-${TARGETARCH}${TARGETVARIANT} /bin/gomplate
-- 
cgit v1.2.3
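Review bot: The added `RUN apk upgrade --no-cache libcrypto3 libssl3` in the second Dockerfile hunk installs whatever version the Alpine mirror serves at build time, and nothing verifies the result, so the image can still ship the OpenSSL packages affected by CVE-2023-5363. That happens if the layer is restored from a build cache or the mirror lags, because `--no-cache` only skips apk's local index cache and not the image layer cache. A vulnerability scan of the built image in CI would confirm the fix actually landed. The comment should also say when the workaround can be removed, for example `# tmp patch for CVE-2023-5363; remove once the base image ships fixed libcrypto3/libssl3`. The stage's `FROM` line is outside the hunk, so the base image this applies to, and whether other final stages need the same step, cannot be confirmed from here.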