From 7adadc1c36f28f560a209a9bead2ab4aef849291 Mon Sep 17 00:00:00 2001 From: Vasil Ivanov Date: Mon, 13 Nov 2023 12:24:12 +0000 Subject: [PATCH 1/2] update requirements for container metrics container due to CVE-2023-46136 found by ort scan --- .../container-metrics/requirements.txt | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt b/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt index 4f07b51..b112286 100644 --- a/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt +++ b/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt @@ -1,10 +1,11 @@ -click==8.1.3 -Flask==2.3.2 -importlib-metadata==6.0.0 +blinker==1.7.0 +click==8.1.7 +flask==3.0.0 +Flask-MQTT==1.1.1 +importlib-metadata==6.8.0 itsdangerous==2.1.2 Jinja2==3.1.2 -MarkupSafe==2.1.2 -Werkzeug==2.3.3 -zipp==3.12.1 -Flask-MQTT==1.1.1 -requests==2.28.2 \ No newline at end of file +MarkupSafe==2.1.3 +paho-mqtt==1.6.1 +werkzeug==3.0.1 +zipp==3.17.0 From 2d8f223bff995a04c58ccc8fce814c3d496799f4 Mon Sep 17 00:00:00 2001 From: Vasil Ivanov Date: Mon, 13 Nov 2023 12:29:28 +0000 Subject: [PATCH 2/2] add requests library --- .../dockerfiles/container-metrics/requirements.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt b/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt index b112286..fe3dca8 100644 --- a/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt +++ b/resources/docker-snapshot/dockerfiles/container-metrics/requirements.txt @@ -1,11 +1,16 @@ blinker==1.7.0 +certifi==2023.7.22 +charset-normalizer==3.3.2 click==8.1.7 flask==3.0.0 Flask-MQTT==1.1.1 +idna==3.4 importlib-metadata==6.8.0 itsdangerous==2.1.2 Jinja2==3.1.2 MarkupSafe==2.1.3 paho-mqtt==1.6.1 +requests==2.31.0 +urllib3==2.0.7 werkzeug==3.0.1 zipp==3.17.0