From 2faceb31dc80e49be4e2d03c7879743cb1ae571d Mon Sep 17 00:00:00 2001
From: Igor Witz <igor.witz@etu.utc.fr>
Date: Thu, 29 Nov 2018 13:30:26 +0100
Subject: [PATCH] Update pica-dokuwiki/Dockerfile, pica-dokuwiki/clair-whitelist.yml files
---
 pica-dokuwiki/Dockerfile | 9 +++------
 pica-dokuwiki/clair-whitelist.yml | 3 ++-
 2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/pica-dokuwiki/Dockerfile b/pica-dokuwiki/Dockerfile
index 841eeb1a..d8e10dd7 100644
--- a/pica-dokuwiki/Dockerfile
+++ b/pica-dokuwiki/Dockerfile
@@ -7,15 +7,12 @@ COPY --chown=www-data run.sh /
 WORKDIR /var/www
 RUN apt-get update -y && \
 apt-get install -y \
- curl \
- aptitude \
+ wget \
 tar \
 php7.0 \
 php7.0-fpm \
 php7.0-gd \
 php7.0-xml && \
- aptitude why libidn11 && \
- false && \
 mkdir -p html /var/run/php && \
 echo "cgi.fix_pathinfo = 0;" >> /etc/php/7.0/fpm/php.ini && \
 sed -i -e "s|;daemonize\s*=\s*yes|daemonize = no|g" /etc/php/7.0/fpm/php-fpm.conf && \
@@ -23,7 +20,7 @@ RUN apt-get update -y && \
 sed -i -e "s|;listen\.owner\s*=\s*|listen.owner = |g" /etc/php/7.0/fpm/pool.d/www.conf && \
 sed -i -e "s|;listen\.group\s*=\s*|listen.group = |g" /etc/php/7.0/fpm/pool.d/www.conf && \
 sed -i -e "s|;listen\.mode\s*=\s*|listen.mode = |g" /etc/php/7.0/fpm/pool.d/www.conf && \
- curl -O -L "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz" && \
+ wget "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz" && \
 tar -xzf dokuwiki-stable.tgz -C html --strip-components 1 && \
 rm -f dokuwiki-stable.tgz && \
 chown -R www-data . && \
@@ -32,6 +29,6 @@ RUN apt-get update -y && \
 EXPOSE 80
 VOLUME ["/var/www/html"]
-HEALTHCHECK CMD curl -s 127.0.0.1:${DOKUWIKI_PORT:=80}
+HEALTHCHECK CMD wget -q -O /dev/null http://127.0.0.1:${DOKUWIKI_PORT:=80}/
 CMD ["/run.sh"]
diff --git a/pica-dokuwiki/clair-whitelist.yml b/pica-dokuwiki/clair-whitelist.yml
index 36eb6737..6d20d4ca 100644
--- a/pica-dokuwiki/clair-whitelist.yml
+++ b/pica-dokuwiki/clair-whitelist.yml
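Review bot: The `apt-get install -y \` line in the first Dockerfile hunk still installs recommended packages, so swapping curl for wget trims less of the package set than it could, and every extra package is one more thing for the Clair scan to flag. I would change it to `apt-get install -y --no-install-recommends \` and list `ca-certificates` explicitly, since the HTTPS download later in the same RUN presumably depends on it. The RUN instruction continues past this hunk, so whether the apt lists are removed at the end is not visible here; if they are not, `rm -rf /var/lib/apt/lists/*` belongs in the same layer.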
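Review bot: The archive fetched by the new `wget "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz"` line in the second Dockerfile hunk is unpacked into the web root with no integrity check, and `dokuwiki-stable.tgz` is a moving target, so two builds of the same commit can ship different code. I would pin a release-named archive and verify it before `tar` runs, for example `echo "<EXPECTED_SHA256>  dokuwiki-stable.tgz" | sha256sum -c - && \` placed between the `wget` and `tar` lines, with the expected hash kept in the Dockerfile or passed as a build ARG. A failed check then stops the build instead of publishing an image with unreviewed content. The surrounding RUN instruction starts and ends outside this hunk.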
@@ -10,4 +10,5 @@ generalwhitelist:
 CVE-2018-6485: glibc -> Pas de contre mesure
 CVE-2018-1000654: libtasn1-6 -> Pas de contre-mesure
 CVE-2017-12424: shadow -> Pas de contre-mesure
- CVE-2016-2779: util-linux -> Pas de contre-mesure
\ No newline at end of file
+ CVE-2016-2779: util-linux -> Pas de contre-mesure
+ CVE-2017-14062: libidn11 -> dépendance directe de wget et indirecte de curl, un des 2 est nécessaire pour le HEALTHCHECK et le téléchargement de Dokuwiki -> Pas de contre-mesure
\ No newline at end of file
-- GitLab
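Review bot: The new `CVE-2017-14062` entry accepts the finding with no condition for revisiting it, and its justification depends on wget staying in the final image. Only the HEALTHCHECK needs a download tool at runtime; the DokuWiki download is a build-time step, so that half of the justification could be dropped by fetching the archive in a separate build stage or purging the tool in the same RUN. I would append a revisit condition to the entry text, along the lines of `(revisit once the HEALTHCHECK no longer needs wget)`, so the exception does not outlive its reason. Whether libidn11 would actually leave the image without wget cannot be confirmed from this diff.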