NVIDIA-NeMo · ko3n1g · Feb 9, 2026 · Feb 9, 2026 · coderabbitai · Feb 9, 2026
@@ -24,7 +24,11 @@ ENV UV_LINK_MODE=copy
 ENV UV_VERSION="0.7.2"
 
 RUN curl -LsSf https://astral.sh/uv/${UV_VERSION}/install.sh | sh && \
-    uv venv ${UV_PROJECT_ENVIRONMENT} --system-site-packages
+    uv venv ${UV_PROJECT_ENVIRONMENT} --system-site-packages && \
+    # Address CVE-2025-68973
+    apt-get update && apt install -y --only-upgrade gnupg && \
-    apt-get update && apt install -y --only-upgrade gnupg && \
+    apt-get update && apt-get install -y --only-upgrade gnupg && \
-    apt-get update && apt install -y --only-upgrade gnupg && \
+    apt-get update && apt-get install -y --only-upgrade gnupg && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
 
 COPY pyproject.toml uv.lock /opt/Megatron-Bridge/
 COPY src/megatron/bridge/__init__.py src/megatron/bridge/package_info.py /opt/Megatron-Bridge/src/megatron/bridge/