From 08c4b945148319fbfa3bcc3ba7921fdef13e7542 Mon Sep 17 00:00:00 2001
From: Thiago Oliveira
Date: Mon, 9 Oct 2023 13:18:14 -0300
Subject: [PATCH 1/3] sec: bump on alpine minor version to 3.18.4 for critical vulnerabilities: CVE-2022-48174 CVE-2023-37920
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 47c0b13..6c4850f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,7 @@ RUN apt-get update && apt-get install -y \
 RUN /tmp/fetch_binaries.sh
-FROM alpine:3.18.0
+FROM alpine:3.18.4
 RUN set -ex \
 && echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \
From 730f6d34f52a8d92d9513511bd6815ebf4343ac5 Mon Sep 17 00:00:00 2001
From: Thiago Oliveira
Date: Mon, 9 Oct 2023 13:22:10 -0300
Subject: [PATCH 2/3] sec: changes the url used to fetch calicoctl binaries so we can get latest releases and get rid of these vulnerabilities: CVE-2021-3538 CVE-2019-20933 CVE-2022-1996
---
 build/fetch_binaries.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/build/fetch_binaries.sh b/build/fetch_binaries.sh
index 2ac6a2e..81ce61b 100755
--- a/build/fetch_binaries.sh
+++ b/build/fetch_binaries.sh
@@ -25,8 +25,8 @@ get_ctop() {
 }
 get_calicoctl() {
- VERSION=$(get_latest_release projectcalico/calicoctl)
- LINK="https://github.com/projectcalico/calicoctl/releases/download/${VERSION}/calicoctl-linux-${ARCH}"
+ VERSION=$(get_latest_release projectcalico/calico)
+ LINK="https://github.com/projectcalico/calico/releases/download/${VERSION}/calicoctl-linux-${ARCH}"
 wget "$LINK" -O /tmp/calicoctl && chmod +x /tmp/calicoctl
 }
From c33f7c9f64b390530b37a14c587575f987e5b1bd Mon Sep 17 00:00:00 2001
From: Thiago Oliveira
Date: Wed, 21 Feb 2024 17:30:22 -0300
Subject: [PATCH 3/3] security: bump on alpine version to 3.19.1
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 6c4850f..68d97ae 100644
--- a/Dockerfile
+++ b/Dockerfile
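Review bot: In the `build/fetch_binaries.sh` hunk, `get_calicoctl` still resolves `VERSION` from `get_latest_release` at build time and marks the downloaded file executable without any integrity check, so switching to the `projectcalico/calico` release URL changes where the binary comes from but not how much the build trusts it. Every image build can pick up a different calicoctl, and a failed or rate-limited lookup would presumably leave `VERSION` empty and produce a malformed URL (the helper is defined outside this hunk, so that part is inferred). Consider pinning the release in the script and verifying a digest recorded alongside it before the `chmod`, e.g. `echo "${CALICOCTL_SHA256}  /tmp/calicoctl" | sha256sum -c -`, where `CALICOCTL_SHA256` is a placeholder for the pinned value. A one-line comment above `LINK=` saying why the repository changed from `calicoctl` to `calico` would also help later readers.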
@@ -7,7 +7,7 @@ RUN apt-get update && apt-get install -y \
 RUN /tmp/fetch_binaries.sh
-FROM alpine:3.18.4
+FROM alpine:3.19.1
 RUN set -ex \
 && echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \