From cff5d2add5f6f62201c58e6929029289b34c07a2 Mon Sep 17 00:00:00 2001
From: psbrar99 <brargg1989@gmail.com>
Date: Mon, 13 Nov 2023 11:25:46 -0700
Subject: [PATCH] fix glibc CVE-2023-4911

Signed-off-by: psbrar99 <brargg1989@gmail.com>
---
 pilot/docker/Dockerfile.proxyv2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pilot/docker/Dockerfile.proxyv2 b/pilot/docker/Dockerfile.proxyv2
index c8cd04c182cb..cf632307e65f 100644
--- a/pilot/docker/Dockerfile.proxyv2
+++ b/pilot/docker/Dockerfile.proxyv2
@@ -13,7 +13,7 @@ FROM ${ISTIO_BASE_REGISTRY}/base:${BASE_VERSION} as debug
 # It is built on the base distroless image, with iptables binary and libraries added
 # The source can be found at https://github.com/istio/distroless/tree/iptables
 # This version is from commit a8b3fb577adb785211ce704fdf892983fc268b11.
-FROM ${ISTIO_BASE_REGISTRY}/iptables@sha256:608afdf41f35f1b971d4d90431634a99507e039b9e40072dd31b8b19397ec459 as distroless
+FROM ${ISTIO_BASE_REGISTRY}/iptables@sha256:1696a2570c01a00f8910b3d9d68039ff22ae8ddbe7903fa78005740251bddd9f as distroless
 
 # This will build the final image based on either debug or distroless from above
 # hadolint ignore=DL3006