mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-18 17:10:43 +03:00
Explicitly upgrade openssl in docker file and enforce new version of cryptography (#9697)
This commit is contained in:
parent
e2904f720d
commit
12d6184713
4 changed files with 28 additions and 20 deletions
1
changelog.d/9697.docker
Normal file
1
changelog.d/9697.docker
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Ensure that the docker container has up to date versions of openssl.
|
1
changelog.d/9697.misc
Normal file
1
changelog.d/9697.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Enforce that `cryptography` dependency is up to date to ensure it has the most recent openssl patches.
|
|
@ -28,6 +28,7 @@ RUN apt-get update && apt-get install -y \
|
||||||
libwebp-dev \
|
libwebp-dev \
|
||||||
libxml++2.6-dev \
|
libxml++2.6-dev \
|
||||||
libxslt1-dev \
|
libxslt1-dev \
|
||||||
|
openssl \
|
||||||
rustc \
|
rustc \
|
||||||
zlib1g-dev \
|
zlib1g-dev \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
@ -70,6 +71,8 @@ RUN apt-get update && apt-get install -y \
|
||||||
libwebp6 \
|
libwebp6 \
|
||||||
xmlsec1 \
|
xmlsec1 \
|
||||||
libjemalloc2 \
|
libjemalloc2 \
|
||||||
|
libssl-dev \
|
||||||
|
openssl \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY --from=builder /install /usr/local
|
COPY --from=builder /install /usr/local
|
||||||
|
|
|
@ -82,6 +82,9 @@ REQUIREMENTS = [
|
||||||
"Jinja2>=2.9",
|
"Jinja2>=2.9",
|
||||||
"bleach>=1.4.3",
|
"bleach>=1.4.3",
|
||||||
"typing-extensions>=3.7.4",
|
"typing-extensions>=3.7.4",
|
||||||
|
# We enforce that we have a `cryptography` version that bundles an `openssl`
|
||||||
|
# with the latest security patches.
|
||||||
|
"cryptography>=3.4.7;python_version>='3.6'",
|
||||||
]
|
]
|
||||||
|
|
||||||
CONDITIONAL_REQUIREMENTS = {
|
CONDITIONAL_REQUIREMENTS = {
|
||||||
|
|
Loading…
Reference in a new issue