From 070a994be06db4edbe8c98ab14c77a79ba8dfd9c Mon Sep 17 00:00:00 2001
From: Sunny Wu <sunny.wu@thetradedesk.com>
Date: Tue, 27 Jan 2026 13:48:58 +1100
Subject: [PATCH 1/2] Upgrade libpng to fix CVE vulnerability

Add explicit libpng upgrade in Dockerfile to address security vulnerability
in the base image's bundled libpng package.
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index e31a2eb..27690f8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,7 +16,8 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./conf/default-config.json /app/conf/
 COPY ./conf/*.xml /app/conf/
 
-RUN adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
+RUN apk add --no-cache --upgrade libpng && \
+    adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
 USER uid2-core
 
 CMD java \

From 98030b93f0a9717238799afbf731398969ae28d3 Mon Sep 17 00:00:00 2001
From: Sunny Wu <sunny.wu@thetradedesk.com>
Date: Tue, 27 Jan 2026 13:50:25 +1100
Subject: [PATCH 2/2] fixed syntax

---
 Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 27690f8..4e5a164 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,8 +16,7 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./conf/default-config.json /app/conf/
 COPY ./conf/*.xml /app/conf/
 
-RUN apk add --no-cache --upgrade libpng && \
-    adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
+RUN apk add --no-cache --upgrade libpng && adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
 USER uid2-core
 
 CMD java \