fix: update nginx version. fix CVE-2026-9256 (#16732)

### Summary
Updates the NGINX package used in the RAGFlow Docker image from
`1.31.0-1~noble` to `1.31.2-1~noble`.

NGINX 1.31.0 is affected by CVE-2026-9256. NGINX 1.31.2 includes
the corresponding security fix and is available from the official
NGINX mainline repository for Ubuntu Noble.

### References
- nginx security advisories:
https://nginx.org/en/security_advisories.html
- Vendor advisory: https://my.f5.com/manage/s/article/K000161377

### Fix
Single-line change in `Dockerfile:62`:

```diff
-ARG NGINX_VERSION=1.31.0-1~noble
+ARG NGINX_VERSION=1.31.2-1~noble

Co-authored-by: duanyuan <duanyaun@uyuyue.com>
This commit is contained in:
Virus
2026-07-08 19:19:06 +08:00
committed by GitHub
parent 0dd0ac06f8
commit 0f08dc070d

View File

@@ -59,7 +59,7 @@ RUN mkdir -p /usr/share/infinity/resource && \
cp -r /tmp/resource/* /usr/share/infinity/resource && \
rm -rf /tmp/resource
ARG NGINX_VERSION=1.31.0-1~noble
ARG NGINX_VERSION=1.31.2-1~noble
RUN --mount=type=cache,id=ragflow_apt,target=/var/cache/apt,sharing=locked \
mkdir -p /etc/apt/keyrings && \
curl --retry 5 --retry-delay 2 --retry-all-errors -fsSL https://nginx.org/keys/nginx_signing.key | gpg --dearmor -o /etc/apt/keyrings/nginx-archive-keyring.gpg && \