Skip to content

Commit

Permalink
Patchfix ARM rsync vulnerability in container
Browse files Browse the repository at this point in the history
  • Loading branch information
@trvachov
trvachov committed Jan 28, 2025
1 parent a7450ff commit db22af3
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions Dockerfile.arm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,19 @@ COPY ./docs ./docs
COPY --from=rust-env /usr/local/cargo /usr/local/cargo
COPY --from=rust-env /usr/local/rustup /usr/local/rustup

# Remove security vuln with rsync on ARM systems:
# https://ubuntu.com/security/CVE-2024-12084
RUN <<EOF
apt-get -y purge rsync
wget https://download.samba.org/pub/rsync/src/rsync-3.4.1.tar.gz
tar -xvzf rsync-3.4.1.tar.gz
cd rsync-3.4.1
./configure --disable-xxhash --disable-zstd --disable-lz4
make && make install
cd ..
rm -rf rsync-3.4.1 rsync-3.4.1.tar.gz
EOF


# RUN rm -rf /usr/local/cargo /usr/local/rustup
RUN chmod 777 -R /workspace/bionemo2/
Expand Down

0 comments on commit db22af3

Please sign in to comment.