Update setuptools on Docker

I am trying to update setuptools on my Dockerfile in order to solve the vulnerability CVE-2022-40897.

However, when going to the Jfrog of the project, with neither of them appears the setuptools with a higher version than when neither of these options is followed.

I have tried the following options:

RUN apk add --upgrade py3-setuptools
RUN apk upgrade --no-cache py3-setuptools
RUN python -m ensurepip RUN pip install --no-cache --upgrade pip setuptools

Any ideas of how can I force setuptools to be updated on the Dockerfile?

Solution

The vulnerability is fixed in setuptools version 65.5.1. To specify the new version of setuptools in your Dockerfile, include the following:

RUN pip install setuptools>=65.5.1

Alternatively, if your project contains a "requirements.txt" file, then you can add the following line to that file: setuptools>=65.5.1

How do nested functions get compiled?
The "this" pointer and message receiving in D
64-bit executables with DMD
GtkD with D lang on Fedora
Why Android used Java concept instead of D language or C or C++? But Chromium web browser is in C++, its very complicated match
How to use MongoItemWriter to write a List<T>
Why a function with protected modifier can be overridden and accessible every where?
Convert Unicode const(uint)* to a dlang character type
Compiling D with Code::Blocks
DMD vs. GDC vs. LDC
Rendering a font in raylib using freetype
Digital Mars D compiler; acquiring ASM output
D Programming: openssl rsa forward reference compiler error
D compiler DMD doesn't link object files
OPTLINK: Warning 23: No Stack
Is there a limit in the amount of temporary generated symbols during a project build using dmd 2.063?
Is this the right way to combine Garbage collected with none Garbage collected code in D
D compiler (Digital Mars D Compiler) throwing error
Which D Compiler to Use?
Splitting a string treating multiple whitespace as one separator
Proper way of passing array parameters to D functions
Detailed Valgrind internals documentation
Is it possible, in D, to tell the garbage collector to not scan a particular pointer (or anything below it)?
Iterate over key/value pairs in associative array in D.
Dlang associative array of an array of strings keyed by a string has unexpected behavior
How to repeat a statement N times (simple loop)
Is worth the effort to learn D?
ld: undefined reference to object I can see in objdump
D using emplace
How can I return JSON with HTTP code in Vibe.d?