Code Review / sdc / sdc-docker-base.git / blob
? search:


ea80f65fb01c78c47d67594106a2cdcb05c8eee0
[sdc/sdc-docker-base.git] / base_sdc-cassandra / Dockerfile
1 FROM cassandra:2.1.17
2
3 # Upgrade specific system libraries to fix CVE vulnerabilities
4 # avahi 0.7-3.1
5 #   For CVE-2017-6519
6 # curl 7.58.0-2
7 #   For CVE-2016-7167 CVE-2016-7141
8 # krb5 1.16-2
9 #   For 2018-5709 CVE-2017-15088 CVE-2017-11462
10 # libtiff5 4.0.9-5
11 #   For CVE-2018-5360
12 # libx11 2:1.6.5-1
13 #   For CVE-2016-7943 CVE-2016-7942
14 # libxml2 2.9.4+dfsg1-6.1
15 #   For CVE-2016-4448
16 # libxtst6 2:1.2.3-1
17 #   For CVE-2016-7951
18 # perl 5.26.2-2
19 #   For CVE-2017-12837 CVE-2017-12883
20 # python 2.7.15~rc1-1
21 #   For CVE-2017-1000158
22 # libsqlite3-0 3.23.1-1
23 #   For CVE-2017-10989
24 # libdb5.3
25 #   CVE-2016-3418 CVE-2016-0694 CVE-2016-0692 CVE-2016-0689 CVE-2016-0682
26 # libcairo2 libcairo-gobject2
27 #   CVE-2017-9814
28 # libc-bin libc6 multiarch-support
29 #   CVE-2018-1000001 CVE-2017-16997 CVE-2017-1000366 CVE-2015-5180 CVE-2016-5417 CVE-2018-6485 CVE-2017-15804 CVE-2017-15670 CVE-2014-9984 CVE-2014-9761 CVE-2015-8983 CVE-2015-8982
30 # libgtk2.0-0 libgtk2.0-common
31 #   CVE-2014-1949
32 # libharfbuzz0b
33 #   CVE-2015-8947 CVE-2016-2052
34 # libgcrypt20
35 #   CVE-2017-0379
36 # libtasn1-6
37 #   CVE-2018-6003 CVE-2017-10790
38 # libxi6
39 #   CVE-2016-7946 CVE-2016-7945
40 # libldap-2.4-2
41 #   CVE-2017-17740
42 # libpcre3
43 #   CVE-2015-3217
44 # passwd
45 #   CVE-2017-12424
46 # zlib1g
47 #   CVE-2016-9843 CVE-2016-9841 CVE-2016-9842 CVE-2016-9840
48
49 RUN echo "deb http://deb.debian.org/debian buster main" >> /etc/apt/sources.list && \
50     echo "deb http://deb.debian.org/debian buster-updates main" >> /etc/apt/sources.list && \
51     echo "deb http://security.debian.org buster/updates main" >> /etc/apt/sources.list && \
52     apt-get -y update && \
53     apt-get -y --no-install-recommends install \
54       vim=2:7.4.488-7+deb8u3 vim-common=2:7.4.488-7+deb8u3 vim-runtime=2:7.4.488-7+deb8u3 \
55       apt-utils=1.0.9.8.4 \
56       openjdk-8-jdk=8u162-b12-1~bpo8+1 \
57       libavahi-client3=0.7-4 libavahi-common-data=0.7-4 libavahi-common3=0.7-4 \
58       curl=7.58.0-2 libcurl3=7.58.0-2 \
59       krb5-locales=1.16-2 libgssapi-krb5-2=1.16-2 libkrb5-3=1.16-2 libkrb5support0=1.16-2 \
60       libtiff5=4.0.9-5 \
61       libx11-6=2:1.6.5-1 libx11-data=2:1.6.5-1 libx11-xcb1=2:1.6.5-1 \
62       libxml2=2.9.4+dfsg1-6.1 \
63       libxtst6=2:1.2.3-1 \
64       perl=5.26.2-3 \
65       python=2.7.15~rc1-1 \
66       libsqlite3-0=3.23.1-1 \
67       libdb5.3=5.3.28-13.1+b1 \
68       libcairo2=1.15.10-3 libcairo-gobject2=1.15.10-3 \
69       libc-bin=2.27-3 libc6=2.27-3 multiarch-support=2.27-3 \
70       libgtk2.0-0=2.24.32-1 libgtk2.0-common=2.24.32-1 \
71       libharfbuzz0b=1.7.6-1 \
72       libgcrypt20=1.8.2-2 \
73       libtasn1-6=4.13-2 \
74       libxi6=2:1.7.9-1 \
75       libldap-2.4-2=2.4.45+dfsg-1 \
76       libpcre3=2:8.39-9 \
77       passwd=1:4.5-1 \
78       zlib1g=1:1.2.8.dfsg-5 && \
79     apt-get -y autoremove
80
81
82 RUN update-alternatives --set java /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
83
84 RUN curl -L https://omnitruck.chef.io/install.sh | bash
85
SDC base docker creation project