From 2e978237d10aed4341410533410eaac4cd4fedab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9ophile=20Diot?= <tdiot@bunkerity.com>
Date: Tue, 2 Jul 2024 13:33:42 +0100
Subject: [PATCH] Fix CVEs CVE-2024-4741 CVE-2024-5535

---
 src/autoconf/Dockerfile  | 2 +-
 src/scheduler/Dockerfile | 1 +
 src/ui/Dockerfile        | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/autoconf/Dockerfile b/src/autoconf/Dockerfile
index 6ee050eea..4801aba3b 100644
--- a/src/autoconf/Dockerfile
+++ b/src/autoconf/Dockerfile
@@ -62,7 +62,7 @@ RUN apk add --no-cache bash && \
 
 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
-RUN apk add --no-cache "libcrypto3>=3.1.5-r0" "libssl3>=3.1.5-r0" # CVE-2024-4603
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535
 
 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"
diff --git a/src/scheduler/Dockerfile b/src/scheduler/Dockerfile
index 3b2b73330..776b04530 100644
--- a/src/scheduler/Dockerfile
+++ b/src/scheduler/Dockerfile
@@ -70,6 +70,7 @@ COPY --chown=root:scheduler --chmod=770 src/bw/misc/country.mmdb /var/tmp/bunker
 
 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" "openssl>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535
 
 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"
diff --git a/src/ui/Dockerfile b/src/ui/Dockerfile
index 2d252f176..23b2b8dab 100644
--- a/src/ui/Dockerfile
+++ b/src/ui/Dockerfile
@@ -63,7 +63,7 @@ RUN apk add --no-cache bash unzip libmagic mariadb-client postgresql-client sqli
 
 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
-RUN apk add --no-cache "libcrypto3>=3.1.5-r0" "libssl3>=3.1.5-r0" # CVE-2024-4603
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535
 
 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"