php-ext-snappy icon indicating copy to clipboard operation
php-ext-snappy copied to clipboard

Published 20 hours ago verified publisher icon kjdev

How do I fix vulnerability in image. Vulnerability Details : CVE-2009-3736

Open vcadminksitm opened this issue 2 years ago • 1 comments

Vulnerability Details : CVE-2009-3736

| RESOURCE | VULNERABILITY | SEVERITY | INSTALLED VERSION | FIXED VERSION | +-----------------------------+---------------+----------+-------------------+---------------+ | /app/php-ext-snappy/libtool | CVE-2009-3736 | MEDIUM | 1.5.26 | | +-----------------------------+---------------+----------+-------------------+---------------+

vcadminksitm avatar Feb 01 '23 09:02 vcadminksitm

libtool is not managed in this repository.

libtool is not needed for execution and may be removed.

Only snappy.so is needed.

For example, how to.

  • Remove build tools

    $ make distclean
$ phpize --clean

  • Build in multi-stage, only snappy.so is copied to the execution container image.

    FROM ${IMAGE} as builder
RUN phpize && ./configure && make

FROM ${IMAGE}
COPY --from=builder ${BUILDER_PATH}/snappy.so ${PHP_PATH}/modules/snappy.so

kjdev avatar Feb 01 '23 21:02 kjdev