fix: upgrade c-ares to address CVE-2025-62408 and add MaxMind GeoLite2 configuration files

This commit is contained in:
GitHub Actions
2025-12-16 14:46:19 +00:00
parent 0a4ea58110
commit 53f3e44999
2 changed files with 6 additions and 1 deletions

View File

@@ -244,9 +244,11 @@ FROM ${CADDY_IMAGE}
WORKDIR /app
# Install runtime dependencies for Charon (no bash needed)
# Explicitly upgrade c-ares to fix CVE-2025-62408
# hadolint ignore=DL3018
RUN apk --no-cache add ca-certificates sqlite-libs tzdata curl gettext \
&& apk --no-cache upgrade
&& apk --no-cache upgrade \
&& apk --no-cache upgrade c-ares
# Download MaxMind GeoLite2 Country database
# Note: In production, users should provide their own MaxMind license key

View File

@@ -43,7 +43,10 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f h1:KUppIJq7/+SVif2QVs3tOP0zanoHgBEVAwHxUSIzRqU=
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/oschwald/geoip2-golang/v2 v2.0.1 h1:YcYoG/L+gmSfk7AlToTmoL0JvblNyhGC8NyVhwDzzi8=
<<<<<<< HEAD
github.com/oschwald/geoip2-golang/v2 v2.0.1/go.mod h1:qdVmcPgrTJ4q2eP9tHq/yldMTdp2VMr33uVdFbHBiBc=
=======
>>>>>>> 21d0478 (fix: upgrade c-ares to address CVE-2025-62408 and add MaxMind GeoLite2 configuration files)
github.com/oschwald/maxminddb-golang/v2 v2.1.1 h1:lA8FH0oOrM4u7mLvowq8IT6a3Q/qEnqRzLQn9eH5ojc=
github.com/oschwald/maxminddb-golang/v2 v2.1.1/go.mod h1:PLdx6PR+siSIoXqqy7C7r3SB3KZnhxWr1Dp6g0Hacl8=
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=