From a46eeb28b6a3bb821e97ece00ddc44581e75c2d8 Mon Sep 17 00:00:00 2001
From: jdesouza <james@fairwinds.com>
Date: Tue, 21 Apr 2026 14:49:25 -0300
Subject: [PATCH] Fix vulnerabilities

---
 .circleci/config.yml | 4 ++--
 Dockerfile           | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8a965894..d270325c 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -118,7 +118,7 @@ jobs:
 
   test:
     docker:
-      - image: cimg/go:1.26
+      - image: cimg/go:1.26.2
     steps:
       - checkout
       - *set_environment_variables
@@ -134,7 +134,7 @@ jobs:
       # The goreleaser image tag determins the version of Go.
       # Manually check goreleaser images for their version of Go.
       # Ref: https://hub.docker.com/r/goreleaser/goreleaser/tags
-      - image: goreleaser/goreleaser:v2.14.2
+      - image: goreleaser/goreleaser:v2.15.4
     steps:
       - checkout
       - setup_remote_docker
diff --git a/Dockerfile b/Dockerfile
index 2f2a7a90..0dffe11e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,7 +13,7 @@ WORKDIR /usr/local/bin
 # Install ca-certs
 RUN apk --no-cache add ca-certificates
 # Upgrade only packages with known HIGH/CRITICAL issues (not a full apk upgrade).
-RUN apk --no-cache add --upgrade libcrypto3 libssl3 zlib
+RUN apk update --no-cache && apk --no-cache add --upgrade libcrypto3 libssl3 musl musl-utils zlib
 
 RUN addgroup -S polaris && adduser -u 1200 -S polaris -G polaris
 USER 1200