From 14b17f3434a81ad99e017bd500701c86367807cf Mon Sep 17 00:00:00 2001 From: James Barnes <5462724+jemsab@users.noreply.github.com> Date: Thu, 20 Nov 2025 16:44:00 +0100 Subject: [PATCH] Remove uninstallation of imagemagick from debian The current version of the Rust Dockerfile removes the imagemagick package from the OCI image because of CVE-2019-10131. According to Debian's security tracker https://security-tracker.debian.org/tracker/CVE-2019-10131, the vulnerability has been fixed in all Debian versions referenced in the manifest file (bullseye, bookworm and trixie). This workaround is therefore no longer necessary. Removing the workaround will also remove a layer from the generated OCI image reducing deployment size. --- src/rust/.devcontainer/Dockerfile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/rust/.devcontainer/Dockerfile b/src/rust/.devcontainer/Dockerfile index 76cc831d2d..3a8643d379 100644 --- a/src/rust/.devcontainer/Dockerfile +++ b/src/rust/.devcontainer/Dockerfile @@ -2,10 +2,6 @@ ARG VARIANT="trixie" FROM rust:1-${VARIANT} -RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ - # Remove imagemagick due to https://security-tracker.debian.org/tracker/CVE-2019-10131 - && apt-get purge -y imagemagick imagemagick-6-common - # Fixing vulnerability issue by upgrading svn to 1.14.5. Ref https://subversion.apache.org/security/CVE-2024-46901-advisory.txt COPY ./scripts/install-subversion.sh /tmp/install-subversion.sh RUN chmod +x /tmp/install-subversion.sh