From bc6819237d76df1130e4bb803975103a15e40def Mon Sep 17 00:00:00 2001
From: Erik Sundell <erik.i.sundell@gmail.com>
Date: Thu, 16 Dec 2021 00:25:26 +0100
Subject: [PATCH 1/2] Run apt-get upgrade to patch known vulnerabilities faster

---
 base-notebook/Dockerfile | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/base-notebook/Dockerfile b/base-notebook/Dockerfile
index dd824e02bc..62b5c9d238 100644
--- a/base-notebook/Dockerfile
+++ b/base-notebook/Dockerfile
@@ -19,9 +19,14 @@ USER root
 
 # Install all OS dependencies for notebook server that starts but lacks all
 # features (e.g., download as all possible file formats)
-# Install tini: init for containers
+# - tini is installed as a helpful container entrypoint that reaps zombie
+#   processes and such of the actual executable we want to start, see
+#   https://github.com/krallin/tini#why-tini for details.
+# - apt-get upgrade is run to patch known vulnerabilities in apt-get packages as
+#   the ubuntu base image is rebuilt too seldom (less than once a month)
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update --yes && \
+    apt-get upgrade --yes && \
     apt-get install --yes --no-install-recommends \
     tini \
     wget \

From 2bdaa2cd124004a76364ff37dcd162e0a4057b0c Mon Sep 17 00:00:00 2001
From: Ayaz Salikhov <mathbunnyru@users.noreply.github.com>
Date: Thu, 16 Dec 2021 13:30:20 +0300
Subject: [PATCH 2/2] Update base-notebook/Dockerfile

---
 base-notebook/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/base-notebook/Dockerfile b/base-notebook/Dockerfile
index 62b5c9d238..17991adbaf 100644
--- a/base-notebook/Dockerfile
+++ b/base-notebook/Dockerfile
@@ -23,7 +23,7 @@ USER root
 #   processes and such of the actual executable we want to start, see
 #   https://github.com/krallin/tini#why-tini for details.
 # - apt-get upgrade is run to patch known vulnerabilities in apt-get packages as
-#   the ubuntu base image is rebuilt too seldom (less than once a month)
+#   the ubuntu base image is rebuilt too seldom sometimes (less than once a month)
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update --yes && \
     apt-get upgrade --yes && \