From 0d17de42e93a5d9d233bd9b00537db0020f3ee53 Mon Sep 17 00:00:00 2001
From: John Tuttle <john.tuttle@cyberark.com>
Date: Fri, 29 Apr 2022 12:57:29 -0400
Subject: [PATCH] Update Redhat image package to resolve CVE-2022-1271

---
 Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index e12f6f4e0..f0dea25b7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -42,7 +42,7 @@ RUN go build -ldflags="-X github.com/cyberark/secretless-broker/pkg/secretless.T
 
 
 # =================== MAIN CONTAINER ===================
-FROM alpine:3.14 as secretless-broker
+FROM alpine:3.15 as secretless-broker
 MAINTAINER CyberArk Software Ltd.
 
 RUN apk add -u shadow libc6-compat openssl && \
@@ -94,6 +94,9 @@ LABEL summary="Secure your apps by making them Secretless"
 LABEL description="Secretless Broker is a connection broker which relieves client \
 applications of the need to directly handle secrets to target services"
 
+# Update packages to get CVE fixes
+RUN dnf update -y
+
     # Add Limited user
 RUN groupadd -r secretless \
              -g 777 && \