fix

2025-08-11 13:48:37 +02:00 · 2025-08-05 15:01:01 +01:00 · 2025-08-05 15:01:01 +01:00 · f1cdf6992f
commit f1cdf6992f
parent e284f818b7
3 changed files with 23 additions and 20 deletions
--- a/15
+++ b/15
@ -43,6 +43,7 @@ ENV DISABLE_ADDITIONAL_FEATURES=true \
 RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
    echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
    apk upgrade --no-cache -a && \
    apk add --no-cache \
    ca-certificates \
@ -56,10 +57,10 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
    openssl-dev \
    openjdk21-jre \
    # Security updates - remove when Alpine base image updates these
-    # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-    # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-    libjxl@community \
-    rav1e@community \
+    # libjxl fixes CVE-2024-11403, CVE-2024-11498
+    # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+    libjxl \
+    rav1e \
    # Doc conversion
    gcompat \
    libc6-compat \
@ -78,9 +79,9 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
    python3 \
    ocrmypdf \
    py3-pip \
-    # py3-pillow@community fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
-    py3-pillow@community \
-    py3-pdf2image@testing \
+    # py3-pillow fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
+    py3-pillow \
+    py3-pdf2image \
    # URW Base 35 fonts for better PDF rendering
    font-urw-base35 && \
    python3 -m venv /opt/venv && \
--- a/Dockerfile.fat
+++ b/Dockerfile.fat
@ -57,6 +57,7 @@ ENV DISABLE_ADDITIONAL_FEATURES=true \
 RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
    echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
    apk upgrade --no-cache -a && \
    apk add --no-cache \
    ca-certificates \
@ -70,10 +71,10 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
    openssl-dev \
    openjdk21-jre \
    # Security updates - remove when Alpine base image updates these
-    # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-    # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-    libjxl@community \
-    rav1e@community \
+    # libjxl fixes CVE-2024-11403, CVE-2024-11498
+    # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+    libjxl \
+    rav1e \
    # Doc conversion
    gcompat \
    libc6-compat \
@ -93,9 +94,9 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
    python3 \
    ocrmypdf \
    py3-pip \
-    # py3-pillow@community fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
-    py3-pillow@community \
-    py3-pdf2image@testing && \
+    # py3-pillow fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
+    py3-pillow \
+    py3-pdf2image && \
    python3 -m venv /opt/venv && \
    /opt/venv/bin/pip install --no-cache-dir --upgrade pip setuptools && \
    /opt/venv/bin/pip install --no-cache-dir --upgrade unoserver weasyprint && \
--- a/Dockerfile.ultra-lite
+++ b/Dockerfile.ultra-lite
@ -24,9 +24,10 @@ COPY scripts/installFonts.sh /scripts/installFonts.sh
 COPY app/core/build/libs/*.jar app.jar

 # Set up necessary directories and permissions
-RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
-    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
+RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
+    echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
    apk upgrade --no-cache -a && \
    apk add --no-cache \
        ca-certificates \
@ -38,10 +39,10 @@ RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /et
        su-exec \
        openjdk21-jre \
        # Security updates - remove when Alpine base image updates these
-        # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-        # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-        libjxl@community \
-        rav1e@community && \
+        # libjxl fixes CVE-2024-11403, CVE-2024-11498
+        # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+        libjxl \
+        rav1e && \
    # User permissions
    mkdir -p /configs /logs /customFiles /usr/share/fonts/opentype/noto /tmp/stirling-pdf /pipeline/watchedFolders /pipeline/finishedFolders && \
    chmod +x /scripts/*.sh && \