From 677cdff58d007e3c3e646330b76d75e9f6ada05f Mon Sep 17 00:00:00 2001
From: Username <user@mymx.me>
Date: Tue, 20 Jan 2026 08:19:41 +0100
Subject: [PATCH] containerfile: upgrade base image pip and jaraco.context

---
 Containerfile.slim | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Containerfile.slim b/Containerfile.slim
index 314b762..1365126 100644
--- a/Containerfile.slim
+++ b/Containerfile.slim
@@ -30,6 +30,9 @@ FROM python:3.11-alpine
 LABEL maintainer="FlaskPaste"
 LABEL description="Minimal secure pastebin REST API (Alpine)"
 
+# Upgrade base image pip to fix CVE-2025-8869
+RUN pip install --no-cache-dir --upgrade "pip>=25.3" "jaraco.context>=6.1.0"
+
 # Create non-root user
 RUN addgroup -g 65532 -S flaskpaste && adduser -u 65532 -S -G flaskpaste flaskpaste