From dae79e05d76566ad1c3b06eb32004092d30d18ac Mon Sep 17 00:00:00 2001
From: Damian Fajfer <damian@fajfer.org>
Date: Fri, 5 Apr 2024 20:53:40 +0200
Subject: [PATCH] Remove high vulnerabilities from setuptools and wheel

CVE-2022-40897 CVE-2022-40898 regarding CWE-1333
---
 gcups/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gcups/Dockerfile b/gcups/Dockerfile
index 610b32a..499df19 100644
--- a/gcups/Dockerfile
+++ b/gcups/Dockerfile
@@ -5,6 +5,7 @@ RUN apt-get update && apt-get install --no-install-recommends -y wget gpg xvfb l
     apt-get update -y && apt-get install --no-install-recommends -y gcups && \
     rm -rf var/lib/apt/lists/* && \
     python3 -m pip --no-cache-dir install plyvel && \
+    python3 -m pip --no-cache-dir uninstall setuptools wheel && \
     apt-get remove -y python3-pip && \
     mkdir -m775 -p /opt/gcups/db/gcups-rxdb-1-settings
 
@@ -12,8 +13,7 @@ COPY init.sh populate-db.py db.txt /opt/
 WORKDIR /opt
 RUN python3 populate-db.py
 
-ENV GCUPS_HTTP_PORT=8080
-ENV GCUPS_PASSWORD=gcups123
+ENV GCUPS_HTTP_PORT=8080 GCUPS_PASSWORD=gcups123
 
 EXPOSE $GCUPS_HTTP_PORT