security: fix CVE-2021-3995, CVE-2021-3996

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
kubernetes-sigs · Jan 25, 2022 · e6d1c8f · e6d1c8f
1 parent 73bc800
commit e6d1c8f
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -30,7 +30,7 @@ E2E_PROVIDER_IMAGE_NAME ?= e2e-provider
 # Release version is the current supported release for the driver
 # Update this version when the helm chart is being updated for release
 RELEASE_VERSION := v1.0.1
-IMAGE_VERSION ?= v1.0.1
+IMAGE_VERSION ?= v1.0.1.1
 
 # Use a custom version for E2E tests if we are testing in CI
 ifdef CI

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -29,7 +29,8 @@ RUN export GOOS=$TARGETOS && \
 FROM $BASEIMAGE
 COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi
 # upgrading libgmp10 due to CVE-2021-43618
-RUN clean-install ca-certificates mount libgmp10
+# upgrading bsdutils due to CVE-2021-3995 and CVE-2021-3996
+RUN clean-install ca-certificates mount libgmp10 bsdutils
 
 LABEL maintainers="ritazh"
 LABEL description="Secrets Store CSI Driver"

diff --git a/docker/Makefile b/docker/Makefile
@@ -15,7 +15,7 @@
 REGISTRY?=docker.io/deislabs
 IMAGE_NAME=driver
 CRD_IMAGE_NAME=driver-crds
-IMAGE_VERSION?=v1.0.1
+IMAGE_VERSION?=v1.0.1.1
 BUILD_TIMESTAMP := $(shell date +%Y-%m-%d-%H:%M)
 BUILD_COMMIT := $(shell git rev-parse --short HEAD)
 IMAGE_TAG=$(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION)