update deepset/haystack:base-main docker image to fix CVE-2023-52425
Describe the bug
The python:3.10-slim image referenced by the deepset/haystack:base-main image has a high-risk security vulnerability. For details, see https://scout.docker.com/vulnerabilities/id/CVE-2023-52425?s=debian&n=expat&ns=debian&t=deb&osn=debian&osv=12&vr=%3E%3D2.5.0-1&utm_source=desktop&utm_medium=ExternalLink. Please upgrade to fix it.
Hello, @DavidSche and thanks for reporting this.
Unfortunately, this vulnerability affects the python:3.10-slim official image and is related to Debian/expat.
Some days ago we did some research and found that the same vulnerability also affects the major official python images, apart from Alpine, which comes with its own set of problems and limitations.
As soon as the official python image gets rid of this vulnerability, we will update our image. I hope this helps to understand the problem.
If this problem is very relevant for you, you can try building your image, for example using Alpine.
Latest images are now good.