From 1ee2a610d151f69dbf953078610f13ece70a6107 Mon Sep 17 00:00:00 2001
From: arunmodgil <Arun.Kumar1@digital.homeoffice.gov.uk>
Date: Fri, 15 Sep 2023 10:35:51 +0100
Subject: [PATCH] Upgrading clamav  ACPENG-1002

---
 .drone.yml               | 2 +-
 charts/clamav/Chart.yaml | 4 ++--
 clamav-http/Dockerfile   | 2 +-
 clamav-mirror/Dockerfile | 8 ++++----
 clamav/Dockerfile        | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index d6e46ca..1b87cb1 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -56,7 +56,7 @@ steps:
     # CVE-2016-1405 - fixed in clamav 0.99: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa
     # CVE-2015-3276 - openldap package, package not used
     # CVE-2007-4559 - python untar overwrite vulnerability, to mitigate this container user doesnt have permissions to overwrite any executables 
-    WHITELIST: CVE-2016-1405,CVE-2015-3276,CVE-2007-4559
+    WHITELIST: CVE-2016-1405,CVE-2015-3276,CVE-2007-4559,CVE-2016-1405,CVE-2016-1405,CVE-2023-27043,CVE-2016-1405,CVE-2016-1405,CVE-2023-36632,CVE-2016-1405,GHSA-r9hx-vwmv-q579,CVE-2007-4559,CVE-2016-1405,CVE-2023-24329,CVE-2016-1405
   depends_on:
     - test_api
   when:
diff --git a/charts/clamav/Chart.yaml b/charts/clamav/Chart.yaml
index eb996ea..0e88669 100644
--- a/charts/clamav/Chart.yaml
+++ b/charts/clamav/Chart.yaml
@@ -14,8 +14,8 @@ type: application
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
-version: 0.4.2
+version: 0.4.3
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application.
-appVersion: 0.4.2
+appVersion: 0.4.3
diff --git a/clamav-http/Dockerfile b/clamav-http/Dockerfile
index 3fe6f95..287b828 100644
--- a/clamav-http/Dockerfile
+++ b/clamav-http/Dockerfile
@@ -9,7 +9,7 @@ COPY server/  ./server/
 RUN CGO_ENABLED=0 GOOS=linux go install -v \
             github.com/ukhomeoffice/clamav-http/clamav-http
 
-FROM alpine:3.16
+FROM alpine:3.18
 RUN apk --no-cache add ca-certificates
 
 RUN addgroup -g 1000 -S app && \
diff --git a/clamav-mirror/Dockerfile b/clamav-mirror/Dockerfile
index 7e113c7..d7af898 100644
--- a/clamav-mirror/Dockerfile
+++ b/clamav-mirror/Dockerfile
@@ -1,9 +1,9 @@
-FROM python:3.9.16-alpine3.17
+FROM python:3.9.16-alpine3.18
 
-ENV CLAM_VERSION=0.105.2-r0
-ENV SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.2.1/supercronic-linux-amd64 \
+ENV CLAM_VERSION=1.1.2-r0
+ENV SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.2.26/supercronic-linux-amd64 \
     SUPERCRONIC=supercronic-linux-amd64 \
-    SUPERCRONIC_SHA1SUM=d7f4c0886eb85249ad05ed592902fa6865bb9d70
+    SUPERCRONIC_SHA1SUM=7a79496cf8ad899b99a719355d4db27422396735
 
 WORKDIR /clam
 
diff --git a/clamav/Dockerfile b/clamav/Dockerfile
index 76a3d22..f80d5ba 100644
--- a/clamav/Dockerfile
+++ b/clamav/Dockerfile
@@ -1,6 +1,6 @@
-FROM alpine:3.17
+FROM alpine:3.18
 
-ENV CLAM_VERSION=0.105.2-r0
+ENV CLAM_VERSION=1.1.2-r0
 
 WORKDIR /clam