discourse
/
discourse_docker
mirror of https://github.com/discourse/discourse_docker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

discourse/base: remove vim package (#582) 

A buffer overflow vulnerability (CVE-2021-3973) has been discovered in
vim. As of the moment, this remains unpatched in Debian. Admittedly the
likelihood of encountering this exploit in the wild within the Discourse
base image is pretty low, but given this image is intended to run
non-interactively vim is not strictly required as a part of the image.
In any case, the package can be added at runtime for debugging purposes.

See https://security-tracker.debian.org/tracker/CVE-2021-3973.
This commit is contained in:
Michael Fitz-Payne 2021-11-26 12:18:04 +10:00 committed by GitHub
parent 676479926e
commit cbacbffe11
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
image/base/Dockerfile
View File

@ -40,7 +40,7 @@ RUN apt -y install build-essential rsync \
postgresql-${PG_MAJOR} postgresql-client-${PG_MAJOR} \
postgresql-contrib-${PG_MAJOR} libpq-dev libreadline-dev \
anacron wget \
psmisc vim whois brotli libunwind-dev \
psmisc whois brotli libunwind-dev \
libtcmalloc-minimal4 cmake \
pngcrush pngquant
RUN sed -i -e 's/start -q anacron/anacron -s/' /etc/cron.d/anacron