Upgrade libpng to fix CVE vulnerability (#2316)

sunnywu · web-flow · commit 2337859a7cff · 2026-01-28T12:36:19.000+11:00
Added apk add --no-cache --upgrade libpng to all Alpine-based Dockerfiles
to address the libpng CVE vulnerability.
diff --git a/Dockerfile b/Dockerfile
@@ -2,7 +2,7 @@
 FROM eclipse-temurin@sha256:243e711289b0f17e05a4df60454bbb1b8ed7b126db4de2d5535da994b7417111
 
 # For Amazon Corretto Crypto Provider
-RUN apk add --no-cache gcompat
+RUN apk add --no-cache --upgrade libpng && apk add --no-cache gcompat
 
 WORKDIR /app
 EXPOSE 8080
