Shiny App breaks when trying to fix critcal security vulnerabilities

Issue Summary:
In effort to remediate critical security vulnerabilities, our environment needs to update our image to use curl version 8.4.0. However, when we add these commands to update the curl version, the /opt/rstudio-connect is deleted.

Steps to Reproduce:

  1. Pull the latest version of the Posit Connect Docker jammy.2023.10.0 image.
  2. Update the Dockerfile to use Curl version 8.4.
RUN apt remove curl -y && apt purge curl -y \
    && apt-get update -y && apt-get install -y libssl-dev autoconf libtool make \
    && apt-get clean \
    && cd /usr/local/src && rm -rf curl* && wget && unzip \
    && cd /usr/local/src/curl-8.4.0 && autoreconf -fi && ./configure --with-ssl && make && make install \
    && cd /usr/local/src/curl-8.4.0 && cp /usr/local/bin/curl /usr/bin/curl && sudo ldconfig
  1. Rebuild the Docker image.
  2. Run the container.

The Docker image build process fails with errors related to the updated Curl version.

This issue is consistently reproducible when attempting to update Curl to version 8.4 in the Posit Connect Docker image.


  • Posit Connect Docker Image Version: [jammy-2023.10.0]

This topic was automatically closed 54 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.