[Snyk] Security upgrade alpine from latest to 3.15.4

[snyk-bot]

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

• cmd/diagnostic/Dockerfile.client

We recommend upgrading to alpine:3.15.4, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[guardrails]

⚠️ We detected 35 security issues in this pull request:

Mode: paranoid | Total findings: 35 | Considered vulnerability: 35

Insecure Use of Dangerous Function (5)

Docs	Details
💡	Title: Audit Use of Command Execution, Severity: High libnetwork/iptables/iptables.go Line 587 in fb60cf3 out, err := exec.Command(iptablesPath, "--version").CombinedOutput()
💡	Title: Audit Use of Command Execution, Severity: High libnetwork/iptables/iptables.go Line 551 in fb60cf3 output, err := exec.Command(path, args...).CombinedOutput()
💡	Title: Audit Use of Command Execution, Severity: High libnetwork/iptables/iptables.go Line 488 in fb60cf3 existingRules, _ := exec.Command(path, "-t", string(table), "-S", chain).Output()
💡	Title: Audit Use of Command Execution, Severity: High libnetwork/iptables/iptables.go Line 121 in fb60cf3 supportsXlock = exec.Command(iptablesPath, "--wait", "-L", "-n").Run() == nil
💡	Title: Audit Use of Command Execution, Severity: High libnetwork/iptables/iptables.go Line 94 in fb60cf3 if out, err := exec.Command(path, "--wait", "-t", "nat", "-L", "-n").CombinedOutput(); err != nil {

More info on how to fix Insecure Use of Dangerous Function in Go.

---

Insecure File Management (11)

Docs	Details
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/service_linux.go Line 565 in fb60cf3 buf, err := ioutil.ReadFile(fileName)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/sandbox_dns_unix.go Line 432 in fb60cf3 sBytes, err := ioutil.ReadFile(src)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/sandbox_dns_unix.go Line 303 in fb60cf3 h, err := ioutil.ReadFile(hashFile)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/resolvconf/resolvconf.go Line 97 in fb60cf3 resolv, err := ioutil.ReadFile(path)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/osl/kernel/knobs_linux.go Line 21 in fb60cf3 value, err := ioutil.ReadFile(path.Join("/proc/sys", keyPath))
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/etchosts/etchosts.go Line 202 in fb60cf3 old, err := ioutil.ReadFile(path)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/etchosts/etchosts.go Line 159 in fb60cf3 old, err := os.Open(path)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/etchosts/etchosts.go Line 131 in fb60cf3 f, err := os.Open(path)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/drivers/bridge/setup_ipv6.go Line 34 in fb60cf3 ipv6BridgeData, err := ioutil.ReadFile(procFile)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/drivers/bridge/setup_ipv4.go Line 71 in fb60cf3 ipv4LoRoutingData, err := ioutil.ReadFile(sysPath)
💡	Title: File Path Provided As Taint Input, Severity: High libnetwork/drivers/bridge/setup_bridgenetfiltering.go Line 125 in fb60cf3 line, err := ioutil.ReadFile(path)

More info on how to fix Insecure File Management in Go.

---

Hard-Coded Secrets (11)

Docs	Details
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 112 in fb60cf3 "30B71224508654940A835301ACC525A4FF133FC152CC53DCC59D65C30A54F1993FE13FE63E"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 113 in fb60cf3 "5823D4C746DB21B90F9B9C00B49EC7404AB1D929BA7FBA12F2E45C6E0A651689750E8528AB"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 117 in fb60cf3 "1AA6CC567CB83A1CC517EC806F2E92EAE71457E80B2210A189B91250779434B41FC8A8873F"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 118 in fb60cf3 "6DB94BEA7D177F5D59E7E114EE10A49CFD9CEF88AE43387023B672927BA74B04EB6BBB5E57"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 121 in fb60cf3 "2A983E2A19BD6415500F6979715D9FD1257E1FE2B6F5E1E74B333079E7C880D39868462A93"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/libotr_test_helper.c Line 122 in fb60cf3 "454B41877BE62E5EF0A041C2EE9C9E76BD1E12AE25D9628DECB097025DD625EF49C3258A1A"
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/otr.go Line 155 in fb60cf3 p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16)
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/otr.go Line 156 in fb60cf3 q, _ = new(big.Int).SetString("7FFFFFFFFFFFFFFFE487ED5110B4611A62633145C06E0E68948127044533E63A0105DF531D89CD9128A5043CC71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09AB6B6A8E122F242DABB312F3F637A262174D31BF6B585FFAE5B7A035BF6F71C35FDAD44CFD2D74F9208BE258FF324943328F6722D9EE1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD47E9267AFC1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483B84B4B36B3861AA7255E4C0278BA36046511B993FFFFFFFFFFFFFFFF", 16)
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/crypto/otr/smp.go Line 152 in fb60cf3 c.smp.secret = nil
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/vendor/golang.org/x/net/proxy/socks5.go Line 33 in fb60cf3 Password: auth.Password,
💡	Title: Hard-coded Secrets, Severity: Medium libnetwork/config/config_test.go Line 81 in fb60cf3 key := `-----BEGIN RSA PRIVATE KEY-----

More info on how to fix Hard-Coded Secrets in General.

---

Vulnerable Libraries (8)

Severity	Details
High	golang.org/x/net@v0.0.0-20190501004415-9ce7a6920f09 - no patch available
High	golang.org/x/net@v0.0.0-20191004110552-13f9640d40b9 - no patch available
High	github.com/opencontainers/runc@v0.0.0-20190115041553-12f6a991201f - no patch available
Medium	golang.org/x/crypto@v0.0.0-20191011191535-87dc89f01550 - no patch available
Medium	golang.org/x/crypto@v0.0.0-20200622213623-75b288015ac9 - no patch available
Critical	github.com/gogo/protobuf@v1.3.1 - no patch available
High	golang.org/x/net@v0.0.0-20190404232315-eb5bcb51f2a3 - no patch available
High	golang.org/x/net@v0.0.0-20190923162816-aa69164e4478 - no patch available

More info on how to fix Vulnerable Libraries in General.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.