From e5d9ea926850213152a8f70e47dbfa915d443d6e Mon Sep 17 00:00:00 2001
From: Dave Henderson <dhenderson@gmail.com>
Date: Sat, 11 Nov 2023 19:40:23 -0500
Subject: Workaround for CVE-2023-5363 (#1908)

Signed-off-by: Dave Henderson <dhenderson@gmail.com>
---
 Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'Dockerfile')

diff --git a/Dockerfile b/Dockerfile
index d4f3d474..cf66976d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4.3-labs
+# syntax=docker/dockerfile:1.6-labs
 FROM --platform=linux/amd64 golang:1.21-alpine AS build
 
 ARG TARGETOS
@@ -48,6 +48,9 @@ ARG TARGETVARIANT
 LABEL org.opencontainers.image.revision=$VCS_REF \
 	org.opencontainers.image.source="https://github.com/hairyhenderson/gomplate"
 
+# tmp patch for CVE-2023-5363
+RUN apk upgrade --no-cache libcrypto3 libssl3
+
 COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=build /bin/gomplate_${TARGETOS}-${TARGETARCH}${TARGETVARIANT} /bin/gomplate
 
-- 
cgit v1.2.3