Skip to content

Commit e9cf254

Browse files
renovate-sh-app[bot]Proximyst
renovate-sh-app[bot]
and
Proximyst
authored
fix: update node.js to aab5ffa (#824)
Fixes: CVE-2024-13978 Fixes: CVE-2025-8961 Fixes: CVE-2025-9165 Fixes: CVE-2025-9230 Fixes: CVE-2025-9231 Fixes: CVE-2025-9232 Fixes: CVE-2025-9900 Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: Mariell Hoversholm <[email protected]>
1 parent 5aa389c commit e9cf254

File tree

2 files changed

+4
-3
lines changed

2 files changed

+4
-3
lines changed

CHANGELOG.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@
44
- This only removes the headers. The CVEs are not actually exploitable in the image.
55
- This work is done to clean up CVE results in tools like Trivy and Grype, that scan vulnerabilities in images.
66
- fix: remove all unnecessary headers and unnecessary packages (CVE-2017-13716, CVE-2018-20673, CVE-2018-20712, CVE-2018-9996, CVE-2020-36325, CVE-2021-32256, CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-11411, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-1147, CVE-2025-1148, CVE-2025-1149, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-1176, CVE-2025-1178, CVE-2025-1180, CVE-2025-1181, CVE-2025-1182, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198, CVE-2025-5244, CVE-2025-5245, CVE-2025-7545, CVE-2025-7546, CVE-2025-8225), [#837](https://github.com/grafana/grafana-image-renderer/pull/837), [Proximyst](https://github.com/Proximyst)
7-
- fix: upgrade in Dockerfile (CVE-2024-13978, CVE-2025-8961, CVE-2025-9165, CVE-2025-9900)
7+
- fix: upgrade in Dockerfile (CVE-2024-13978, CVE-2025-8961, CVE-2025-9165, CVE-2025-9900), [#838](https://github.com/grafana/grafana-image-renderer/pull/838), [Proximyst](https://github.com/Proximyst)
8+
- fix: update node.js to aab5ffa (CVE-2024-13978, CVE-2025-8961, CVE-2025-9165, CVE-2025-9230, CVE-2025-9231, CVE-2025-9232, CVE-2025-9900), [#824](https://github.com/grafana/grafana-image-renderer/pull/824), [renovate-sh-app (bot)](https://github.com/apps/renovate-sh-app), [Proximyst](https://github.com/Proximyst)
89

910
## 4.1.3 (2025-10-29)
1011

Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM node:22-trixie@sha256:093113ea41201970b0581e6d16da633a35bca5c71d7f9c2ef2883f56f8c7483b AS build
1+
FROM node:22-trixie@sha256:aab5ffa3c0aaf9fba09d51bdda99caf4815217ed48d64c0fd8518e141b5c16f8 AS build
22

33
WORKDIR /src
44
COPY . ./
@@ -7,7 +7,7 @@ RUN yarn install --pure-lockfile
77
RUN yarn run build
88
RUN rm -rf node_modules/ && yarn install --pure-lockfile --production
99

10-
FROM node:22-trixie@sha256:093113ea41201970b0581e6d16da633a35bca5c71d7f9c2ef2883f56f8c7483b AS output_image
10+
FROM node:22-trixie@sha256:aab5ffa3c0aaf9fba09d51bdda99caf4815217ed48d64c0fd8518e141b5c16f8 AS output_image
1111

1212
LABEL maintainer="Grafana team <[email protected]>"
1313
LABEL org.opencontainers.image.source="https://github.com/grafana/grafana-image-renderer/tree/master/Dockerfile"

0 commit comments

Comments
 (0)