arkserver docker image has sudo security issue CVE2021-3156 - please provide new image

[maecki-maecki]

Description of Issue

CVE-2021-3156 means sudo is exploitable - this is fixed in xenial, but arkserver/steamcmd image has to be rebuild/republished for fix to be included ...

https://ubuntu.com/security/CVE-2021-3156

[jkread]

I haven't gotten any luck getting response to anything for a while. I forked and have fixed a few of the outstanding issues.

https://github.com/jkread/arkserver

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[thmhoag]

Sorry for the delay here @maecki-maecki. Do you have a link to the description of that CVE for posterity? Happy to re-open and address the issue but I wasn't able to find any specifics when I searched for that CVE number.

[maecki-maecki]

https://ubuntu.com/security/CVE-2021-3156 Sorry, had a duplicate digit in that number ... Updated first comment, too

[thmhoag]

Thanks @maecki-maecki, all good. I'm re-opening this, should be a pretty straight-forward fix with an update to the base image.

Linking the base image for posterity: https://github.com/thmhoag/steamcmd

[Gornoka]

I updated the base image and build pipeline on my fork, if this is still relevant to you @maecki-maecki .
https://github.com/Gornoka/arkserver