github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: Update imagemagick in Debian images for security patches (#13397)

Browse Source
This commit is contained in:
Ray Myers
2026-03-13 22:48:50 -05:00
committed by GitHub
parent a14158e818
commit a8ff720b40
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
openhands/runtime/utils/runtime_templates/Dockerfile.j2
View File

@@ -45,7 +45,15 @@ RUN apt-get update && \
libasound2-plugins libatomic1 && \
(apt-get install -y --no-install-recommends libgl1 || apt-get install -y --no-install-recommends libgl1-mesa-glx) && \
# Install Docker dependencies
apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl gnupg lsb-release
apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl gnupg lsb-release && \
# Security upgrade: patch ImageMagick CVEs (CVE-2026-25897, CVE-2026-25968, CVE-2026-26284, et al.)
(apt-get install -y --no-install-recommends --only-upgrade \
imagemagick imagemagick-7-common imagemagick-7.q16 \
libmagickcore-7-arch-config libmagickcore-7-headers \
libmagickcore-7.q16-10 libmagickcore-7.q16-10-extra \
libmagickcore-7.q16-dev libmagickcore-dev \
libmagickwand-7-headers libmagickwand-7.q16-10 \
libmagickwand-7.q16-dev libmagickwand-dev || true)
{% endif %}
{% if (('ubuntu' in base_image) or ('mswebench' in base_image)) %}