From 04cadbb362cc8173ef8b02bdb677cb6585f53f9a Mon Sep 17 00:00:00 2001
From: arik <alon.arik@gmail.com>
Date: Tue, 8 Oct 2024 11:47:09 +0300
Subject: [PATCH] update expat to fix critical CVEs (#347)

---
 Dockerfile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 1231571..9b94802 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,6 +9,11 @@ ENV PATH="/app/venv/bin:$PATH"
 RUN apt-get update && \
     dpkg --add-architecture arm64
 
+# We're installing here libexpat1, to upgrade the package to include a fix to 3 high CVEs. CVE-2024-45491,CVE-2024-45490,CVE-2024-45492
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends libexpat1 \
+    && rm -rf /var/lib/apt/lists/*
+
 # Set the working directory
 WORKDIR /app