From 6ca8f33796332f1b03018074412ca3cfe5cc9ba5 Mon Sep 17 00:00:00 2001
From: Glenn Jocher <glenn.jocher@ultralytics.com>
Date: Fri, 3 Nov 2023 18:59:36 +0100
Subject: [PATCH] [Snyk] Security upgrade ubuntu from 23.04 to mantic-20231011
 (#12308)

* fix: utils/docker/Dockerfile-cpu to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UBUNTU2304-COREUTILS-5484945
- https://snyk.io/vuln/SNYK-UBUNTU2304-GLIBC-5919743
- https://snyk.io/vuln/SNYK-UBUNTU2304-GLIBC-5919743
- https://snyk.io/vuln/SNYK-UBUNTU2304-PROCPS-5816666
- https://snyk.io/vuln/SNYK-UBUNTU2304-XZUTILS-5854648

* Update apt install libgl1-mesa-glx to libgl1

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 utils/docker/Dockerfile       | 2 +-
 utils/docker/Dockerfile-arm64 | 2 +-
 utils/docker/Dockerfile-cpu   | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/utils/docker/Dockerfile b/utils/docker/Dockerfile
index d1fc87f7c84c..f4727162065a 100644
--- a/utils/docker/Dockerfile
+++ b/utils/docker/Dockerfile
@@ -12,7 +12,7 @@ ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Aria
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt update
 RUN TZ=Etc/UTC apt install -y tzdata
-RUN apt install --no-install-recommends -y gcc git zip curl htop libgl1-mesa-glx libglib2.0-0 libpython3-dev gnupg
+RUN apt install --no-install-recommends -y gcc git zip curl htop libgl1 libglib2.0-0 libpython3-dev gnupg
 # RUN alias python=python3
 
 # Security updates
diff --git a/utils/docker/Dockerfile-arm64 b/utils/docker/Dockerfile-arm64
index 802703e8d3f7..0de85bf8d609 100644
--- a/utils/docker/Dockerfile-arm64
+++ b/utils/docker/Dockerfile-arm64
@@ -12,7 +12,7 @@ ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Aria
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt update
 RUN TZ=Etc/UTC apt install -y tzdata
-RUN apt install --no-install-recommends -y python3-pip git zip curl htop gcc libgl1-mesa-glx libglib2.0-0 libpython3-dev
+RUN apt install --no-install-recommends -y python3-pip git zip curl htop gcc libgl1 libglib2.0-0 libpython3-dev
 # RUN alias python=python3
 
 # Install pip packages
diff --git a/utils/docker/Dockerfile-cpu b/utils/docker/Dockerfile-cpu
index e1696d0aebd8..c7ba1e321c89 100644
--- a/utils/docker/Dockerfile-cpu
+++ b/utils/docker/Dockerfile-cpu
@@ -3,7 +3,7 @@
 # Image is CPU-optimized for ONNX, OpenVINO and PyTorch YOLOv5 deployments
 
 # Start FROM Ubuntu image https://hub.docker.com/_/ubuntu
-FROM ubuntu:23.04
+FROM ubuntu:mantic-20231011
 
 # Downloads to user config dir
 ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Arial.Unicode.ttf /root/.config/Ultralytics/
@@ -11,7 +11,7 @@ ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Aria
 # Install linux packages
 # g++ required to build 'tflite_support' and 'lap' packages, libusb-1.0-0 required for 'tflite_support' package
 RUN apt update \
-    && apt install --no-install-recommends -y python3-pip git zip curl htop libgl1-mesa-glx libglib2.0-0 libpython3-dev gnupg g++ libusb-1.0-0
+    && apt install --no-install-recommends -y python3-pip git zip curl htop libgl1 libglib2.0-0 libpython3-dev gnupg g++ libusb-1.0-0
 # RUN alias python=python3
 
 # Remove python3.11/EXTERNALLY-MANAGED or use 'pip install --break-system-packages' avoid 'externally-managed-environment' Ubuntu nightly error