From 5c89defec80990eff8a9751a131afc9b0120ccdf Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Thu, 4 Sep 2025 17:47:55 +0000 Subject: [PATCH 1/4] fix: fuzzing/local-dev-helpers/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-FREETYPE-9402511 - https://snyk.io/vuln/SNYK-DEBIAN12-FREETYPE-9402511 - https://snyk.io/vuln/SNYK-DEBIAN12-FREETYPE-9402511 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 --- fuzzing/local-dev-helpers/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzing/local-dev-helpers/Dockerfile b/fuzzing/local-dev-helpers/Dockerfile index 426de05dd..066d29ef5 100644 --- a/fuzzing/local-dev-helpers/Dockerfile +++ b/fuzzing/local-dev-helpers/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Use the same Python version as OSS-Fuzz to accidental incompatibilities in test code -FROM python:3.8-bookworm +FROM python:3.14.0rc2-bookworm LABEL project="GitPython Fuzzing Local Dev Helper" From 89c05a55948ffbd59d2634f6b048c83615101c9d Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Wed, 10 Sep 2025 17:12:18 +0000 Subject: [PATCH 2/4] fix: fuzzing/local-dev-helpers/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 - https://snyk.io/vuln/SNYK-DEBIAN12-IMAGEMAGICK-5660573 --- fuzzing/local-dev-helpers/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzing/local-dev-helpers/Dockerfile b/fuzzing/local-dev-helpers/Dockerfile index 066d29ef5..be5dbe2a6 100644 --- a/fuzzing/local-dev-helpers/Dockerfile +++ b/fuzzing/local-dev-helpers/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Use the same Python version as OSS-Fuzz to accidental incompatibilities in test code -FROM python:3.14.0rc2-bookworm +FROM python:3.14.0rc2-slim-trixie LABEL project="GitPython Fuzzing Local Dev Helper" From 710528cbb4cd07e75ac71dbe38b2b1d7c4b8b549 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Sat, 4 Oct 2025 22:17:40 +0000 Subject: [PATCH 3/4] fix: fuzzing/local-dev-helpers/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN13-TAR-5696683 - https://snyk.io/vuln/SNYK-DEBIAN13-GLIBC-5681241 - https://snyk.io/vuln/SNYK-DEBIAN13-GLIBC-5681241 - https://snyk.io/vuln/SNYK-DEBIAN13-GLIBC-5681177 - https://snyk.io/vuln/SNYK-DEBIAN13-GLIBC-5681177 --- fuzzing/local-dev-helpers/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzing/local-dev-helpers/Dockerfile b/fuzzing/local-dev-helpers/Dockerfile index be5dbe2a6..c8b8fcf2f 100644 --- a/fuzzing/local-dev-helpers/Dockerfile +++ b/fuzzing/local-dev-helpers/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Use the same Python version as OSS-Fuzz to accidental incompatibilities in test code -FROM python:3.14.0rc2-slim-trixie +FROM python:3.14.0rc2-alpine3.22 LABEL project="GitPython Fuzzing Local Dev Helper" From a92ccf339a2f2bfbf6c9ddbc1a045871234dce5c Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Sun, 23 Nov 2025 18:07:06 +0000 Subject: [PATCH 4/4] fix: fuzzing/local-dev-helpers/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE322-BUSYBOX-14091701 - https://snyk.io/vuln/SNYK-ALPINE322-BUSYBOX-14091701 - https://snyk.io/vuln/SNYK-ALPINE322-BUSYBOX-14091701 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174131 - https://snyk.io/vuln/SNYK-ALPINE322-OPENSSL-13174132 --- fuzzing/local-dev-helpers/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzing/local-dev-helpers/Dockerfile b/fuzzing/local-dev-helpers/Dockerfile index c8b8fcf2f..a9b1a88ba 100644 --- a/fuzzing/local-dev-helpers/Dockerfile +++ b/fuzzing/local-dev-helpers/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Use the same Python version as OSS-Fuzz to accidental incompatibilities in test code -FROM python:3.14.0rc2-alpine3.22 +FROM python:3.14.0-alpine3.22 LABEL project="GitPython Fuzzing Local Dev Helper"