github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(enterprise): add GnuPG package updates for security CVEs

Browse Source 
Add GnuPG-related packages to apt-get upgrade to fix:
- CVE-2026-24882 (HIGH): Stack-based buffer overflow in tpm2daemon
- CVE-2025-68972 (MEDIUM): Signature bypass via form feed character

Packages updated: dirmngr, gnupg, gnupg-l10n, gnupg-utils, gpg,
gpg-agent, gpg-wks-client, gpgconf, gpgsm, gpgv

Co-authored-by: openhands <openhands@all-hands.dev>
This commit is contained in:
openhands
2026-03-20 21:30:12 -05:00
parent 94b45c6c36
commit 53821e0a7d
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
enterprise/Dockerfile
View File

@@ -19,7 +19,18 @@ RUN apt-get update && \
libc6 \
libgnutls30 \
libsqlite3-0 \
perl-base && \
perl-base \
# GnuPG packages - CVE-2026-24882 (HIGH), CVE-2025-68972 (MEDIUM)
dirmngr \
gnupg \
gnupg-l10n \
gnupg-utils \
gpg \
gpg-agent \
gpg-wks-client \
gpgconf \
gpgsm \
gpgv && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*