From f1cdf6992f619a1c1d14c083fb31ae01ae09b2f1 Mon Sep 17 00:00:00 2001
From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com.>
Date: Tue, 5 Aug 2025 15:01:01 +0100
Subject: [PATCH] fix

---
 Dockerfile            | 15 ++++++++-------
 Dockerfile.fat        | 15 ++++++++-------
 Dockerfile.ultra-lite | 13 +++++++------
 3 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 40a591d99..04c896689 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -43,6 +43,7 @@ ENV DISABLE_ADDITIONAL_FEATURES=true \
 RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
     echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
     echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
     apk upgrade --no-cache -a && \
     apk add --no-cache \
     ca-certificates \
@@ -56,10 +57,10 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
     openssl-dev \
     openjdk21-jre \
     # Security updates - remove when Alpine base image updates these
-    # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-    # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-    libjxl@community \
-    rav1e@community \
+    # libjxl fixes CVE-2024-11403, CVE-2024-11498
+    # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+    libjxl \
+    rav1e \
     # Doc conversion
     gcompat \
     libc6-compat \
@@ -78,9 +79,9 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
     python3 \
     ocrmypdf \
     py3-pip \
-    # py3-pillow@community fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
-    py3-pillow@community \
-    py3-pdf2image@testing \
+    # py3-pillow fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
+    py3-pillow \
+    py3-pdf2image \
     # URW Base 35 fonts for better PDF rendering
     font-urw-base35 && \
     python3 -m venv /opt/venv && \
diff --git a/Dockerfile.fat b/Dockerfile.fat
index 30135bed2..310682e24 100644
--- a/Dockerfile.fat
+++ b/Dockerfile.fat
@@ -57,6 +57,7 @@ ENV DISABLE_ADDITIONAL_FEATURES=true \
 RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
     echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
     echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
     apk upgrade --no-cache -a && \
     apk add --no-cache \
     ca-certificates \
@@ -70,10 +71,10 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
     openssl-dev \
     openjdk21-jre \
     # Security updates - remove when Alpine base image updates these
-    # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-    # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-    libjxl@community \
-    rav1e@community \
+    # libjxl fixes CVE-2024-11403, CVE-2024-11498
+    # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+    libjxl \
+    rav1e \
     # Doc conversion
     gcompat \
     libc6-compat \
@@ -93,9 +94,9 @@ RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/a
     python3 \
     ocrmypdf \
     py3-pip \
-    # py3-pillow@community fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
-    py3-pillow@community \
-    py3-pdf2image@testing && \
+    # py3-pillow fixes CVE-2025-48379 - ensure Pillow 11.3.0+ instead of 11.2.1
+    py3-pillow \
+    py3-pdf2image && \
     python3 -m venv /opt/venv && \
     /opt/venv/bin/pip install --no-cache-dir --upgrade pip setuptools && \
     /opt/venv/bin/pip install --no-cache-dir --upgrade unoserver weasyprint && \
diff --git a/Dockerfile.ultra-lite b/Dockerfile.ultra-lite
index 2c00c745f..4f712a3c7 100644
--- a/Dockerfile.ultra-lite
+++ b/Dockerfile.ultra-lite
@@ -24,9 +24,10 @@ COPY scripts/installFonts.sh /scripts/installFonts.sh
 COPY app/core/build/libs/*.jar app.jar
 
 # Set up necessary directories and permissions
-RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
-    echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
+RUN echo "@main https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \
+    echo "@community https://dl-cdn.alpinelinux.org/alpine/edge/community" | tee -a /etc/apk/repositories && \
     echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" | tee -a /etc/apk/repositories && \
+    apk update && \
     apk upgrade --no-cache -a && \
     apk add --no-cache \
         ca-certificates \
@@ -38,10 +39,10 @@ RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /et
         su-exec \
         openjdk21-jre \
         # Security updates - remove when Alpine base image updates these
-        # libjxl@community fixes CVE-2024-11403, CVE-2024-11498
-        # rav1e@community fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
-        libjxl@community \
-        rav1e@community && \
+        # libjxl fixes CVE-2024-11403, CVE-2024-11498
+        # rav1e fixes CVE-2025-4574, GHSA-2rxc-gjrp-vjhx, RUSTSEC-2024-0404, GHSA-pg9f-39pc-qf8g
+        libjxl \
+        rav1e && \
     # User permissions
     mkdir -p /configs /logs /customFiles /usr/share/fonts/opentype/noto /tmp/stirling-pdf /pipeline/watchedFolders /pipeline/finishedFolders && \
     chmod +x /scripts/*.sh && \