Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 30
fleet/tools/mdm/migration
History
Sharon Katz 6032c137e5
Bump Alpine base image to 3.23.4 to resolve openssl/musl/zlib CVEs (#43671) (#44097) 
Resolves #43671.

Bumps the Alpine base image from 3.23.3 to 3.23.4 in the Dockerfiles
that produce published images, picking up patched openssl, musl, and
zlib packages. Follows the same pattern as #38977.

### CVEs resolved
- HIGH: CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31790,
CVE-2026-2673, CVE-2026-40200
- MEDIUM: CVE-2026-27171, CVE-2026-6042, CVE-2026-22184

### Test plan
- CI image build passes.
- Trivy/ECR scan on the resulting fleetdm/fleet image confirms the nine
listed CVEs are gone.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated Docker base images to Alpine 3.23.4 across infrastructure and
deployment components for improved stability and security.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-23 23:15:53 -03:00
..
echo Update backend MDM migration flow and add logging to aid in debugging migration errors (#16627) 2024-02-06 16:53:43 -06:00
jamf Updating golangci-lint to 1.61.0 (#22973) 2024-10-18 12:38:26 -05:00
kandji Updating golangci-lint to 1.61.0 (#22973) 2024-10-18 12:38:26 -05:00
mdmproxy Bump Alpine base image to 3.23.4 to resolve openssl/musl/zlib CVEs (#43671) (#44097) 2026-04-23 23:15:53 -03:00
micromdm Additional CA validation (#27169) 2025-03-19 08:27:55 -05:00
simplemdm Add tooling for MDM migration webhook testing (#29794) 2025-06-06 11:43:48 -05:00