From df939f51cdc7372bcb70b8b6edd128aec3f165ea Mon Sep 17 00:00:00 2001
From: aldousalvarez <aldousss.alvarez@gmail.com>
Date: Fri, 23 Dec 2022 17:56:48 +0800
Subject: [PATCH] fix(security): vulnerabilities found in quorum-all-in-one
 Fixes #2059

Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
---
 .github/containerscan/allowedlist.yaml    | 5 +++--
 tools/docker/quorum-all-in-one/Dockerfile | 8 ++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml
index ecb29320e93..ad0216d7868 100644
--- a/.github/containerscan/allowedlist.yaml
+++ b/.github/containerscan/allowedlist.yaml
@@ -1,6 +1,7 @@
 general:
   vulnerabilities:
     #besu-all-in-one
+    - CVE-2022-37734
+    - CVE-2022-25857
+
 
-    -CVE-2022-37734
-    -CVE-2022-25857
diff --git a/tools/docker/quorum-all-in-one/Dockerfile b/tools/docker/quorum-all-in-one/Dockerfile
index 5c05b1e7256..5d6e34e4261 100644
--- a/tools/docker/quorum-all-in-one/Dockerfile
+++ b/tools/docker/quorum-all-in-one/Dockerfile
@@ -1,5 +1,5 @@
-ARG QUORUM_VERSION=21.4.1
-ARG TESSERA_VERSION=21.1.1
+ARG QUORUM_VERSION=22.7.4
+ARG TESSERA_VERSION=21.1.7
 
 FROM quorumengineering/quorum:$QUORUM_VERSION AS quorum
 FROM quorumengineering/tessera:$TESSERA_VERSION AS tessera
@@ -8,10 +8,10 @@ COPY --from=quorum /usr/local/bin/geth /usr/local/bin/
 COPY --from=quorum /usr/local/bin/bootnode /usr/local/bin/
 
 # BASH
-RUN apk update && apk add --no-cache bash
+RUN apt update && apt-get -y --no-cache install bash
 
 # SUPERVISORD
-RUN apk update && apk add --no-cache supervisor
+RUN apt update && apt-get -y --no-cache install supervisor
 RUN mkdir -p /var/log/supervisor
 COPY supervisord.conf /etc/supervisord.conf