fix(security): vulnerabilities found in fabric2-all-in-one

Fixes #2057 Signed-off-by: zondervancalvez <[email protected]>
hyperledger-cacti · Aug 11, 2022 · c65ae79 · c65ae79
1 parent 7309f2a
commit c65ae79
Showing 1 changed file with 10 additions and 7 deletions.
diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v2.x b/tools/docker/fabric-all-in-one/Dockerfile_v2.x
@@ -1,11 +1,12 @@
 # We need to use the older, more stable v18 here because of
 # https://github.com/docker-library/docker/issues/170
-FROM docker:20.10.3-dind
+FROM docker:20.10.17-dind
 
-ARG FABRIC_VERSION=2.2.0
-ARG CA_VERSION=1.4.9
+ARG FABRIC_VERSION=2.4.4
+ARG CA_VERSION=1.5.3
 ARG COUCH_VERSION_FABRIC=0.4
-ARG COUCH_VERSION=3.1.1
+ARG COUCH_VERSION=3.2.2
+ARG FABRIC_NODEENV=2.4.2
 
 WORKDIR /
 
@@ -46,8 +47,8 @@ RUN apk add --no-cache file
 RUN apk add --no-cache npm nodejs
 
 # Download and setup path variables for Go
-RUN wget https://golang.org/dl/go1.15.5.linux-amd64.tar.gz
-RUN tar -xvf go1.15.5.linux-amd64.tar.gz
+RUN wget https://golang.org/dl/go1.18.3.linux-amd64.tar.gz
+RUN tar -xvf go1.18.3.linux-amd64.tar.gz
 RUN mv go /usr/local
 ENV GOROOT=/usr/local/go
 ENV GOPATH=/usr/local/go
@@ -62,6 +63,8 @@ RUN apk add --no-cache libc6-compat
 ENV CACTUS_CFG_PATH=/etc/hyperledger/cactus
 RUN mkdir -p $CACTUS_CFG_PATH
 # OpenSSH - need to have it so we can shell in and install/instantiate contracts
+RUN apk update
+RUN apk add --upgrade openssh-client-common openssh-keygen
 RUN apk add --no-cache openssh augeas
 
 # Configure the OpenSSH server we just installed
@@ -149,7 +152,7 @@ RUN mkdir -p /etc/couchdb/
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-peer/ hyperledger/fabric-peer:${FABRIC_VERSION}
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-orderer/ hyperledger/fabric-orderer:${FABRIC_VERSION}
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-ccenv/ hyperledger/fabric-ccenv:${FABRIC_VERSION}
-RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-nodeenv/ hyperledger/fabric-nodeenv:${FABRIC_VERSION}
+RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-nodeenv/ hyperledger/fabric-nodeenv:${FABRIC_NODEENV}
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-tools/ hyperledger/fabric-tools:${FABRIC_VERSION}
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-baseos/ hyperledger/fabric-baseos:${FABRIC_VERSION}
 RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-ca/ hyperledger/fabric-ca:${CA_VERSION}