From 13c536c0332cd63dce2247ce6de0b3d61fb8e884 Mon Sep 17 00:00:00 2001
From: Yuhong Sun <yuhongsun96@gmail.com>
Date: Sat, 30 Dec 2023 11:57:49 -0800
Subject: [PATCH] Final Backend CVEs (#900)

---
 backend/Dockerfile               | 4 ++--
 backend/requirements/default.txt | 1 -
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/backend/Dockerfile b/backend/Dockerfile
index b392b5a8d..9ed625224 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -12,7 +12,7 @@ RUN echo "DANSWER_VERSION: ${DANSWER_VERSION}"
 # zip for Vespa step futher down
 # ca-certificates for HTTPS
 RUN apt-get update && \
-    apt-get install -y cmake libpq-dev curl zip ca-certificates && \
+    apt-get install -y cmake curl zip ca-certificates && \
     rm -rf /var/lib/apt/lists/* && \
     apt-get clean
 
@@ -29,7 +29,7 @@ RUN pip install --no-cache-dir --upgrade -r /tmp/requirements.txt && \
 # xserver-common and xvfb included by playwright installation but not needed after
 # perl-base is part of the base Python Debian image but not needed for Danswer functionality
 # perl-base could only be removed with --allow-remove-essential
-RUN apt-get remove -y --allow-remove-essential cmake perl-base xserver-common xvfb && \
+RUN apt-get remove -y --allow-remove-essential perl-base xserver-common xvfb cmake libldap-2.5-0 libldap-2.5-0 && \
     apt-get autoremove -y && \
     rm -rf /var/lib/apt/lists/* && \
     rm /usr/local/lib/python3.11/site-packages/tornado/test/test.key
diff --git a/backend/requirements/default.txt b/backend/requirements/default.txt
index 06ace7ace..9ed55b531 100644
--- a/backend/requirements/default.txt
+++ b/backend/requirements/default.txt
@@ -32,7 +32,6 @@ openai==1.3.5
 oauthlib==3.2.2
 playwright==1.40.0
 psutil==5.9.5
-psycopg2==2.9.9
 psycopg2-binary==2.9.9
 pycryptodome==3.19.0
 pydantic==1.10.7