From d8f579b1e24f8488816af33300f703a632d8474c Mon Sep 17 00:00:00 2001 From: Brian Christner Date: Thu, 25 Sep 2014 12:53:13 +0200 Subject: [PATCH 1/2] Update Dockerfile --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 8434eec..253d194 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,7 @@ RUN echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu trusty main" > /etc/a RUN echo "deb-src http://ppa.launchpad.net/nginx/stable/ubuntu trusty main" >> /etc/apt/sources.list.d/nginx-stable-trusty.list RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C300EE8C RUN apt-get update +RUN apt-get upgrade RUN apt-get install -y wget nginx RUN echo "daemon off;" >> /etc/nginx/nginx.conf From 1404ecacf9162d6f2eaee4c344864a37a889f98c Mon Sep 17 00:00:00 2001 From: Brian Christner Date: Thu, 25 Sep 2014 12:59:36 +0200 Subject: [PATCH 2/2] Upgrade Bash Updated Dockerfile in order to update/upgrade bash to fix the security bug found by Red Hat https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 253d194..a64c7d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ RUN echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu trusty main" > /etc/a RUN echo "deb-src http://ppa.launchpad.net/nginx/stable/ubuntu trusty main" >> /etc/apt/sources.list.d/nginx-stable-trusty.list RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C300EE8C RUN apt-get update -RUN apt-get upgrade +RUN apt-get install --only-upgrade bash RUN apt-get install -y wget nginx RUN echo "daemon off;" >> /etc/nginx/nginx.conf