security: fix CVE-2022-37434

Signed-off-by: Anish Ramasekar <[email protected]>
kubernetes-sigs · Aug 26, 2022 · 0dde850 · 0dde850
1 parent 1d80293
commit 0dde850
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -28,7 +28,8 @@ RUN export GOOS=$TARGETOS && \
 
 FROM $BASEIMAGE
 COPY --from=builder /go/src/sigs.k8s.io/secrets-store-csi-driver/_output/secrets-store-csi /secrets-store-csi
-RUN clean-install ca-certificates mount
+# upgrading zlib1g due to CVE-2022-37434
+RUN clean-install ca-certificates mount zlib1g
 
 LABEL maintainers="ritazh"
 LABEL description="Secrets Store CSI Driver"