github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: Update OpenSSL in Debian images for security patches (#13401)

Browse Source 
Co-authored-by: openhands <openhands@all-hands.dev>
This commit is contained in:
aivong-openhands
2026-03-19 14:33:23 -05:00
committed by GitHub
parent 38648bddb3
commit 49a98885ab
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
openhands/runtime/utils/runtime_templates/Dockerfile.j2
View File

@@ -46,6 +46,9 @@ RUN apt-get update && \
(apt-get install -y --no-install-recommends libgl1 || apt-get install -y --no-install-recommends libgl1-mesa-glx) && \ (apt-get install -y --no-install-recommends libgl1 || apt-get install -y --no-install-recommends libgl1-mesa-glx) && \
# Install Docker dependencies # Install Docker dependencies
apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl gnupg lsb-release && \ apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl gnupg lsb-release && \
# Security upgrade: patch OpenSSL CVEs (CVE-2025-15467, CVE-2025-69419, CVE-2025-69421, et al.)
(apt-get install -y --no-install-recommends --only-upgrade \
openssl openssl-provider-legacy libssl3t64 || true) && \
# Security upgrade: patch ImageMagick CVEs (CVE-2026-25897, CVE-2026-25968, CVE-2026-26284, et al.) # Security upgrade: patch ImageMagick CVEs (CVE-2026-25897, CVE-2026-25968, CVE-2026-26284, et al.)
(apt-get install -y --no-install-recommends --only-upgrade \ (apt-get install -y --no-install-recommends --only-upgrade \
imagemagick imagemagick-7-common imagemagick-7.q16 \ imagemagick imagemagick-7-common imagemagick-7.q16 \