Upgrade libcurl from 3.11

It fixes CVE-2020-8231

Change-Id: I90ad55ca8babfa2f178af4d1d601c064d95ed112
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
(cherry picked from commit cdf3b341bec2d2f2e0fd502974ef819d5410fa8d)

diff --git a/docker/core/Dockerfile b/docker/core/Dockerfile
index b5d9c7e..028d34e 100644 (file)
--- a/docker/core/Dockerfile
+++ b/docker/core/Dockerfile
@@ -4,8 +4,8 @@ ARG BRANCH=stable/hunter
 ARG OPENSTACK_TAG=stable/rocky
 
 RUN apk -U upgrade && \
+    apk --no-cache add --update libcurl --repository=http://dl-cdn.alpinelinux.org/alpine/v3.11/main && \
     apk --no-cache add --update python py-pip bash git mailcap libxml2 libxslt && \
-    apk --no-cache add --update libcurl --repository=http://dl-cdn.alpinelinux.org/alpine/v3.10/main && \
     apk --no-cache add --virtual .build-deps --update \
         python-dev build-base libxml2-dev libxslt-dev && \
     case $(uname -m) in aarch*|arm*) CFLAGS="-O0" \