From 5df078d6af81c5233fcd881dff0915df474a9ab0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 1 Aug 2023 12:16:31 +0000
Subject: [PATCH 1/2] fix: utils/docker/Dockerfile-cpu to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-5721329
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-5721343
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-5721343
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-5721350
- https://snyk.io/vuln/SNYK-UBUNTU2210-SYSTEMD-5721350
---
 utils/docker/Dockerfile-cpu | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/docker/Dockerfile-cpu b/utils/docker/Dockerfile-cpu
index 91adf64d3a0a..f8d320391c32 100644
--- a/utils/docker/Dockerfile-cpu
+++ b/utils/docker/Dockerfile-cpu
@@ -3,7 +3,7 @@
 # Image is CPU-optimized for ONNX, OpenVINO and PyTorch YOLOv5 deployments
 
 # Start FROM Ubuntu image https://hub.docker.com/_/ubuntu
-FROM ubuntu:22.10
+FROM ubuntu:lunar-20230615
 
 # Downloads to user config dir
 ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Arial.Unicode.ttf /root/.config/Ultralytics/

From 2c7b30f91a11e233c864606e91e70cdae8da8420 Mon Sep 17 00:00:00 2001
From: Glenn Jocher <glenn.jocher@ultralytics.com>
Date: Tue, 1 Aug 2023 14:19:27 +0200
Subject: [PATCH 2/2] Update Dockerfile-cpu

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>
---
 utils/docker/Dockerfile-cpu | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/utils/docker/Dockerfile-cpu b/utils/docker/Dockerfile-cpu
index f8d320391c32..17316986c9d5 100644
--- a/utils/docker/Dockerfile-cpu
+++ b/utils/docker/Dockerfile-cpu
@@ -9,12 +9,14 @@ FROM ubuntu:lunar-20230615
 ADD https://ultralytics.com/assets/Arial.ttf https://ultralytics.com/assets/Arial.Unicode.ttf /root/.config/Ultralytics/
 
 # Install linux packages
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt update
-RUN TZ=Etc/UTC apt install -y tzdata
-RUN apt install --no-install-recommends -y python3-pip git zip curl htop libgl1-mesa-glx libglib2.0-0 libpython3-dev gnupg
+# g++ required to build 'tflite_support' and 'lap' packages, libusb-1.0-0 required for 'tflite_support' package
+RUN apt update \
+    && apt install --no-install-recommends -y python3-pip git zip curl htop libgl1-mesa-glx libglib2.0-0 libpython3-dev gnupg g++ libusb-1.0-0
 # RUN alias python=python3
 
+# Remove python3.11/EXTERNALLY-MANAGED or use 'pip install --break-system-packages' avoid 'externally-managed-environment' Ubuntu nightly error
+RUN rm -rf /usr/lib/python3.11/EXTERNALLY-MANAGED
+
 # Install pip packages
 COPY requirements.txt .
 RUN python3 -m pip install --upgrade pip wheel
@@ -30,7 +32,6 @@ WORKDIR /usr/src/app
 # Copy contents
 # COPY . /usr/src/app  (issues as not a .git directory)
 RUN git clone https://github.com/ultralytics/yolov5 /usr/src/app
-ENV DEBIAN_FRONTEND teletype
 
 
 # Usage Examples -------------------------------------------------------------------------------------------------------