From 92961b588012d4a14019bf5a2c9bc4e77a8bef03 Mon Sep 17 00:00:00 2001
From: Steven <s-8@outlook.com>
Date: Tue, 7 Oct 2025 19:04:58 +0200
Subject: [PATCH] feat: always force-upgrade alpine openssl

Force upgrade the alpines openssl to  3.5.4-r0 in order to tackle CVE-2025-9230 (low)
CVE-2025-9231 (low)
CVE-2025-9232 (low)

See:
https://github.com/Burnett01/rsync-deployments/security/code-scanning/7

https://github.com/Burnett01/rsync-deployments/security/code-scanning/8

https://github.com/Burnett01/rsync-deployments/security/code-scanning/9
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index b2cdadb..b6ab743 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
 FROM drinternet/rsync@sha256:e61f4047577b566872764fa39299092adeab691efb3884248dbd6495dc926527
 
 # always force-upgrade rsync to get the latest security fixes
-RUN apk update && apk add --no-cache --upgrade rsync
+RUN apk update && apk add --no-cache --upgrade rsync openssl
 RUN rm -rf /var/cache/apk/*
 
 # Copy entrypoint