From c65ae79da603bd1820c079c5c7768dba652988b3 Mon Sep 17 00:00:00 2001 From: zondervancalvez Date: Fri, 17 Jun 2022 14:45:37 +0800 Subject: [PATCH] fix(security): vulnerabilities found in fabric2-all-in-one Fixes #2057 Signed-off-by: zondervancalvez --- tools/docker/fabric-all-in-one/Dockerfile_v2.x | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v2.x b/tools/docker/fabric-all-in-one/Dockerfile_v2.x index a5920f92c94..b8646dfa3a8 100644 --- a/tools/docker/fabric-all-in-one/Dockerfile_v2.x +++ b/tools/docker/fabric-all-in-one/Dockerfile_v2.x @@ -1,11 +1,12 @@ # We need to use the older, more stable v18 here because of # https://github.com/docker-library/docker/issues/170 -FROM docker:20.10.3-dind +FROM docker:20.10.17-dind -ARG FABRIC_VERSION=2.2.0 -ARG CA_VERSION=1.4.9 +ARG FABRIC_VERSION=2.4.4 +ARG CA_VERSION=1.5.3 ARG COUCH_VERSION_FABRIC=0.4 -ARG COUCH_VERSION=3.1.1 +ARG COUCH_VERSION=3.2.2 +ARG FABRIC_NODEENV=2.4.2 WORKDIR / @@ -46,8 +47,8 @@ RUN apk add --no-cache file RUN apk add --no-cache npm nodejs # Download and setup path variables for Go -RUN wget https://golang.org/dl/go1.15.5.linux-amd64.tar.gz -RUN tar -xvf go1.15.5.linux-amd64.tar.gz +RUN wget https://golang.org/dl/go1.18.3.linux-amd64.tar.gz +RUN tar -xvf go1.18.3.linux-amd64.tar.gz RUN mv go /usr/local ENV GOROOT=/usr/local/go ENV GOPATH=/usr/local/go @@ -62,6 +63,8 @@ RUN apk add --no-cache libc6-compat ENV CACTUS_CFG_PATH=/etc/hyperledger/cactus RUN mkdir -p $CACTUS_CFG_PATH # OpenSSH - need to have it so we can shell in and install/instantiate contracts +RUN apk update +RUN apk add --upgrade openssh-client-common openssh-keygen RUN apk add --no-cache openssh augeas # Configure the OpenSSH server we just installed @@ -149,7 +152,7 @@ RUN mkdir -p /etc/couchdb/ RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-peer/ hyperledger/fabric-peer:${FABRIC_VERSION} RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-orderer/ hyperledger/fabric-orderer:${FABRIC_VERSION} RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-ccenv/ hyperledger/fabric-ccenv:${FABRIC_VERSION} -RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-nodeenv/ hyperledger/fabric-nodeenv:${FABRIC_VERSION} +RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-nodeenv/ hyperledger/fabric-nodeenv:${FABRIC_NODEENV} RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-tools/ hyperledger/fabric-tools:${FABRIC_VERSION} RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-baseos/ hyperledger/fabric-baseos:${FABRIC_VERSION} RUN /download-frozen-image-v2.sh /etc/hyperledger/fabric/fabric-ca/ hyperledger/fabric-ca:${CA_VERSION}