1760: Security updates to postgresql r=mergify[bot] a=WebSpider

## What type of PR?

Security update

## What does this PR do?

It fixes vulnerabilities in the sudo package in the postgresql optional container documented in
CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239

### Related issue(s)

None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Nils Vogels <n.vogels@aves-it.nl>
master
bors[bot] 4 years ago committed by GitHub
commit 42cefab4c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -3,6 +3,7 @@ FROM $DISTRO
# python3 shared with most images # python3 shared with most images
RUN apk add --no-cache \ RUN apk add --no-cache \
python3 py3-pip bash py3-multidict \ python3 py3-pip bash py3-multidict \
&& apk add --upgrade sudo \
&& pip3 install --upgrade pip && pip3 install --upgrade pip
# Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube

@ -0,0 +1,2 @@
Fix CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239 for postgresql
by force-upgrading sudo.
Loading…
Cancel
Save