mirror of
https://github.com/infiniflow/ragflow.git
synced 2026-07-09 21:04:49 +08:00
fix: update nginx version. fix CVE-2026-9256 (#16732)
### Summary Updates the NGINX package used in the RAGFlow Docker image from `1.31.0-1~noble` to `1.31.2-1~noble`. NGINX 1.31.0 is affected by CVE-2026-9256. NGINX 1.31.2 includes the corresponding security fix and is available from the official NGINX mainline repository for Ubuntu Noble. ### References - nginx security advisories: https://nginx.org/en/security_advisories.html - Vendor advisory: https://my.f5.com/manage/s/article/K000161377 ### Fix Single-line change in `Dockerfile:62`: ```diff -ARG NGINX_VERSION=1.31.0-1~noble +ARG NGINX_VERSION=1.31.2-1~noble Co-authored-by: duanyuan <duanyaun@uyuyue.com>
This commit is contained in:
@@ -59,7 +59,7 @@ RUN mkdir -p /usr/share/infinity/resource && \
|
||||
cp -r /tmp/resource/* /usr/share/infinity/resource && \
|
||||
rm -rf /tmp/resource
|
||||
|
||||
ARG NGINX_VERSION=1.31.0-1~noble
|
||||
ARG NGINX_VERSION=1.31.2-1~noble
|
||||
RUN --mount=type=cache,id=ragflow_apt,target=/var/cache/apt,sharing=locked \
|
||||
mkdir -p /etc/apt/keyrings && \
|
||||
curl --retry 5 --retry-delay 2 --retry-all-errors -fsSL https://nginx.org/keys/nginx_signing.key | gpg --dearmor -o /etc/apt/keyrings/nginx-archive-keyring.gpg && \
|
||||
|
||||
Reference in New Issue
Block a user