From e50822d4d447ceefe63bac2a6ffc30bd118b8902 Mon Sep 17 00:00:00 2001
From: John Tuttle <john.tuttle@cyberark.com>
Date: Thu, 19 May 2022 13:53:06 -0400
Subject: [PATCH] Upgrade base image in nginx Dockerfile

Fixed CVE-2022-0778 and CVE-2022-1292.
---
 CHANGELOG.md     | 4 ++++
 Dockerfile.nginx | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4bea2c7..505d90f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Security
+- Upgraded nginx Dockerfile base image to fix CVE-2022-0778 and CVE-2022-1292.
+  [cyberark/conjur-api-java#111](https://github.com/cyberark/conjur-api-java/pull/111)
+
 ## [3.0.2] - 2020-10-28
 ### Fixed
 - Multiple unused transitive dependencies, such as `exec-maven-plugin`, were removed. 
diff --git a/Dockerfile.nginx b/Dockerfile.nginx
index b3e7aa0..744c164 100644
--- a/Dockerfile.nginx
+++ b/Dockerfile.nginx
@@ -1,4 +1,4 @@
-FROM nginx:1.21.4
+FROM nginx:1.21.6
 
 MAINTAINER Conjur Inc