Upgrade commons-lang3 to fix CVE-2025-48924
Replace vulnerable commons-lang3 3.16.0 with fixed version 3.18.0 to resolve CVE-2025-48924 (CVSS 6.5 Medium). Image now has 0 vulnerabilities across all severity levels. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Mathias Beaulieu-Duncan
parent
b2e4c09c2b
commit
553fee0a25
@ -28,7 +28,12 @@ RUN mkdir -p "${ANDROID_HOME}/cmdline-tools" && \
|
|||||||
"platforms;android-${ANDROID_COMPILE_SDK}" \
|
"platforms;android-${ANDROID_COMPILE_SDK}" \
|
||||||
"build-tools;${ANDROID_BUILD_TOOLS}" && \
|
"build-tools;${ANDROID_BUILD_TOOLS}" && \
|
||||||
# Remove lint-psi to eliminate protobuf-java 2.6.1 CVEs (saves 86MB)
|
# Remove lint-psi to eliminate protobuf-java 2.6.1 CVEs (saves 86MB)
|
||||||
rm -rf "${ANDROID_HOME}/cmdline-tools/latest/lib/external/lint-psi"
|
rm -rf "${ANDROID_HOME}/cmdline-tools/latest/lib/external/lint-psi" && \
|
||||||
|
# Upgrade commons-lang3 from 3.16.0 to 3.18.0 to fix CVE-2025-48924
|
||||||
|
rm -f "${ANDROID_HOME}/cmdline-tools/latest/lib/external/org/apache/commons/commons-lang3/3.16.0/commons-lang3-3.16.0.jar" && \
|
||||||
|
mkdir -p "${ANDROID_HOME}/cmdline-tools/latest/lib/external/org/apache/commons/commons-lang3/3.18.0" && \
|
||||||
|
curl -fsSL "https://repo1.maven.org/maven2/org/apache/commons/commons-lang3/3.18.0/commons-lang3-3.18.0.jar" \
|
||||||
|
-o "${ANDROID_HOME}/cmdline-tools/latest/lib/external/org/apache/commons/commons-lang3/3.18.0/commons-lang3-3.18.0.jar"
|
||||||
|
|
||||||
# Clone Flutter SDK from git (supports both amd64 and arm64)
|
# Clone Flutter SDK from git (supports both amd64 and arm64)
|
||||||
RUN git clone --depth 1 --branch ${FLUTTER_VERSION} https://github.com/flutter/flutter.git /opt/flutter && \
|
RUN git clone --depth 1 --branch ${FLUTTER_VERSION} https://github.com/flutter/flutter.git /opt/flutter && \
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user