Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-22 10:15:35 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #14092 from dirkmueller/zip_slip

Browse Source 
Update oras to 0.9.0 to fix "zip slip" vulnerability
This commit is contained in:
danfengliu 2021-02-07 16:15:11 +08:00 committed by GitHub
commit f51bcd9fdf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tests/e2e-image/Dockerfile
View File

@ -116,9 +116,9 @@ RUN wget https://get.helm.sh/helm-v3.3.3-linux-amd64.tar.gz && tar zxvf helm-v3.
mv linux-amd64/helm /usr/local/bin/helm3 && \
helm3 plugin install https://github.com/chartmuseum/helm-push
RUN curl -LO https://github.com/deislabs/oras/releases/download/v0.8.1/oras_0.8.1_linux_amd64.tar.gz && \
RUN curl -LO https://github.com/deislabs/oras/releases/download/v0.9.0/oras_0.9.0_linux_amd64.tar.gz && \
mkdir -p oras-install/ && \
tar -zxf oras_0.8.1_*.tar.gz -C oras-install/ && \
tar -zxf oras_0.9.0_*.tar.gz -C oras-install/ && \
mv oras-install/oras /usr/local/bin/
RUN wget https://github.com/theupdateframework/notary/releases/download/v0.6.1/notary-Linux-amd64 && \