lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Merge #1760

Browse Source 
1760: Security updates to postgresql r=mergify[bot] a=WebSpider

## What type of PR?

Security update

## What does this PR do?

It fixes vulnerabilities in the sudo package in the postgresql optional container documented in
CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239

### Related issue(s)

None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Nils Vogels <n.vogels@aves-it.nl>
master
bors[bot] 4 years ago committed by GitHub
parent 4dbefe8e3a 3b7ecb3a8b
commit 42cefab4c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
optional/postgresql/Dockerfile
Unescape Escape View File

@ -3,6 +3,7 @@ FROM $DISTRO
# python3 shared with most images
RUN apk add --no-cache \
python3 py3-pip bash py3-multidict \
&& apk add --upgrade sudo \
&& pip3 install --upgrade pip
# Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube

2
towncrier/newsfragments/1760.bugfix
Unescape Escape View File

@ -0,0 +1,2 @@
Fix CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239 for postgresql
by force-upgrading sudo.
Write Preview
Loading…
Cancel
Save