From a95fbf5353ab7dbcc2155dc30f74034969f438d6 Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Thu, 25 Mar 2021 17:10:34 +0000 Subject: [PATCH 1/7] Update Dockerfile --- Dockerfile | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Dockerfile b/Dockerfile index 3893b17..918f30c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,6 +40,16 @@ RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.2 RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.3 RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.6 +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/test/*pem /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/test/*pem + +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/sqlalchemy +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/sqlalchemy +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/jinja2 +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/jinja2 +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3 +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3 +RUN rm -rf /usr/lib/python3.6/site-packages/urllib3 + RUN mkdir /home/codesonar/hub \ && chown codesonar.codesonar /home/codesonar/hub -- GitLab From 4633f0c2eca67283e8494437137ff90b18c8805d Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Thu, 25 Mar 2021 17:33:17 +0000 Subject: [PATCH 2/7] Update Dockerfile --- Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 918f30c..83dbca5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -42,10 +42,7 @@ RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.6 RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/test/*pem /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/test/*pem -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/sqlalchemy -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/sqlalchemy -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/jinja2 -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/jinja2 + RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3 RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3 RUN rm -rf /usr/lib/python3.6/site-packages/urllib3 -- GitLab From de24d4fff9653d858e7e2a7dbdcc6fc5d311770e Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Thu, 25 Mar 2021 20:01:53 +0000 Subject: [PATCH 3/7] Update Dockerfile --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index 83dbca5..5288d1b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,6 +14,9 @@ ENV HUB_DEFAULT_PWD=HubSecretPasswd RUN yum -y update \ && yum clean all + +RUN yum -y remove p11-kit + #TO fix CCE-80935-0 RUN yum -y install crypto-policies RUN yum -y install gnutls-utils -- GitLab From 196001aaae0419fa539e6d2408bf89c0057d03be Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Fri, 26 Mar 2021 14:46:25 +0000 Subject: [PATCH 4/7] Update Dockerfile --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5288d1b..f2f938b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,12 +15,15 @@ RUN yum -y update \ && yum clean all -RUN yum -y remove p11-kit #TO fix CCE-80935-0 RUN yum -y install crypto-policies RUN yum -y install gnutls-utils +# for https://access.redhat.com/security/cve/CVE-2021-23240 +RUN rm -rf /usr/libexec/sudo/sesh + + ARG CODESONAR_PACKAGE=codesonar-5.4p0.20200911-x86_64-pc-linux.tar.gz COPY ["${CODESONAR_PACKAGE}", "/opt"] RUN tar -zxvf /opt/${CODESONAR_PACKAGE} -C /opt -- GitLab From 239f24de7396c3adc53ed61f80149eb5bb09582b Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Fri, 26 Mar 2021 16:19:05 +0000 Subject: [PATCH 5/7] Update Dockerfile --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f2f938b..528d911 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,8 +17,8 @@ RUN yum -y update \ #TO fix CCE-80935-0 -RUN yum -y install crypto-policies -RUN yum -y install gnutls-utils +#RUN yum -y install crypto-policies +#RUN yum -y install gnutls-utils # for https://access.redhat.com/security/cve/CVE-2021-23240 RUN rm -rf /usr/libexec/sudo/sesh @@ -53,6 +53,7 @@ RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packa RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3 RUN rm -rf /usr/lib/python3.6/site-packages/urllib3 + RUN mkdir /home/codesonar/hub \ && chown codesonar.codesonar /home/codesonar/hub -- GitLab From 4bed9bb4f6fd1d28b496e30ce344ad7bbdce47cc Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Mon, 29 Mar 2021 12:02:54 +0000 Subject: [PATCH 6/7] Remove urllib3 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 528d911..badb1dc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -49,8 +49,8 @@ RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.6 RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/test/*pem /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/test/*pem -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3 -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3 +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3* +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3* RUN rm -rf /usr/lib/python3.6/site-packages/urllib3 -- GitLab From 52ef0b541e0f35415ff66b28cd5440b8e8399976 Mon Sep 17 00:00:00 2001 From: Mark Hermeling Date: Mon, 29 Mar 2021 14:45:42 +0000 Subject: [PATCH 7/7] Update Dockerfile --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index badb1dc..83942ae 100644 --- a/Dockerfile +++ b/Dockerfile @@ -49,8 +49,7 @@ RUN rm -rf /opt/codesonar-5.4p0/third-party/postgresql-9.6 RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/test/*pem /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/test/*pem -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3* -RUN rm -rf /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3* +RUN rm -rf /opt/codesonar-5.4p0/third-party/python/inst/lib/python2.7/site-packages/urllib3* /opt/codesonar-5.4p0/third-party/python/instmt/lib/python2.7/site-packages/urllib3* RUN rm -rf /usr/lib/python3.6/site-packages/urllib3 -- GitLab