fix(deps): patch Alpine packages to address gnutls CVE-2026-33845 #162

Merged: amavashev merged 1 commit into main from fix/patch-alpine-gnutls on May 3, 2026


@amavashev (Collaborator)

Same fix as cycles-server#145 and cycles-server-events#54. Closes the gnutls 3.8.12-r0 CVE bundle (HIGH CVE-2026-33845 + 12 others) on cycles-server-admin's image.

apk upgrade --no-cache closes the patch-level gap on every build.

Unblocks PR #161 (currently failing pr-container-scan for the same root cause).

Same fix as runcycles/cycles-server#145 and runcycles/cycles-server-events#54.
Trivy on cycles-server-admin's image flagged the same gnutls 3.8.12-r0
HIGH/MEDIUM/LOW CVEs that affect every consumer of the upstream
eclipse-temurin:21-jre-alpine tag at this point in time.

'apk upgrade --no-cache' closes the patch-level gap on every build,
so future Alpine CVE patches are picked up without manual intervention.

Unblocks PR #161 (which has been failing the pr-container-scan step
for the same root cause).
@amavashev enabled auto-merge (squash) May 3, 2026 02:03
@amavashev merged commit ec65db3 into main May 3, 2026
7 checks passed
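
An added example (not code from this PR or from the runcycles repositories): triaging a Trivy JSON report into findings that a rebuild with `apk upgrade --no-cache` can pick up and findings it cannot. The report is constructed; only CVE-2026-33845 and gnutls 3.8.12-r0 come from the PR, and `triage` and its bucket names are hypothetical.

```python
import json

# Constructed sample in the shape of `trivy image --format json` output.
# Only CVE-2026-33845 and gnutls 3.8.12-r0 come from the PR; all other values are placeholders.
SAMPLE_REPORT = json.dumps({
    "Results": [
        {"Target": "image (alpine)", "Class": "os-pkgs", "Type": "alpine",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-2026-33845", "PkgName": "gnutls",
              "InstalledVersion": "3.8.12-r0",
              "FixedVersion": "FIXED-VERSION-PLACEHOLDER", "Severity": "HIGH"},
             # No fix published yet: upgrading packages cannot close this one.
             {"VulnerabilityID": "CVE-PLACEHOLDER-0001", "PkgName": "example-pkg",
              "InstalledVersion": "0.0.0-r0", "FixedVersion": "", "Severity": "MEDIUM"},
         ]},
        # Application dependency: apk never touches it, whatever the fix status.
        {"Target": "app.jar", "Class": "lang-pkgs", "Type": "jar",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-PLACEHOLDER-0002", "PkgName": "example:lib",
              "InstalledVersion": "1.0.0", "FixedVersion": "PLACEHOLDER", "Severity": "HIGH"},
         ]},
        # Trivy omits the Vulnerabilities key when a target has no findings.
        {"Target": "clean-target", "Class": "os-pkgs", "Type": "alpine"},
    ]
})


def triage(report_json):
    """Split findings by whether a rebuild with `apk upgrade` can close them."""
    buckets = {"fixable_by_apk_upgrade": [], "no_fix_published": [], "not_an_os_package": []}
    for result in json.loads(report_json).get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            item = (vuln["VulnerabilityID"], vuln["PkgName"], vuln.get("Severity", "UNKNOWN"))
            if result.get("Class") != "os-pkgs":
                buckets["not_an_os_package"].append(item)
            elif vuln.get("FixedVersion"):
                buckets["fixable_by_apk_upgrade"].append(item)
            else:
                buckets["no_fix_published"].append(item)
    return buckets


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_REPORT).items():
        print(bucket, items)
```

Only the first bucket is closed by rebuilding the image; the other two need a different remedy (waiting for a distro fix, or bumping the application dependency).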