From c4f20cf8cafeb7a1167414f2f804eb7b99435e6a Mon Sep 17 00:00:00 2001
From: Valentin Lorentz
Date: Sat, 31 Mar 2018 08:36:10 +0200
Subject: [PATCH] Use a long keyid for Onlyoffice's Debian repo

Short keyids are easy to spoof, making the GPG signature verification of packages ineffective against most attackers. See https://evil32.com/
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index f976774..8d770c7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=nonint
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
 apt-get -y update && \
 apt-get -yq install wget apt-transport-https curl locales && \
- apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CB2DE8E5 && \
+ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
 locale-gen en_US.UTF-8 && \
 curl -sL https://deb.nodesource.com/setup_6.x | bash - && \
 apt-get -y update && \
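Review bot: The new `--recv-keys 0x8320ca65cb2de8e5` argument is still a 64-bit key ID, not a full fingerprint, so the key is pinned by only the low 64 bits of its fingerprint. That defeats the short-ID collisions the commit message refers to, but only the full 40-hex-digit fingerprint identifies exactly one key. I would change the line to `apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <FULL_40_HEX_FINGERPRINT> && \`, with the value taken from the vendor's published key (placeholder here, since the page does not show it). Because `apt-key` adds the key to the global trusted keyring, it presumably vouches for every configured repository in the image, so a comment above the line naming the key owner and where the fingerprint was verified would help the next reader. The RUN instruction continues past the end of the hunk.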