Update Docker Images

red-hat-konflux[bot] · web-flow · commit fd8394076f3c · 2025-10-15T12:48:06.000Z
Signed-off-by: red-hat-konflux &lt;126015336+red-hat-konflux[bot]@users.noreply.github.com&gt;
diff --git a/Dockerfile.clients.rh b/Dockerfile.clients.rh
@@ -7,15 +7,15 @@ FROM quay.io/securesign/fetch-tsa-certs@sha256:6f977b7683b08b342ce1898c484a6937d
 
 # Provides the Trusted Artifact Signer CLI binaries, rekor-cli and ec
 FROM quay.io/securesign/rekor-cli@sha256:74173b633e3184a4d0472d2badeed55177133b639a12272dd39e1cd46f9dd106 as rekor
-FROM registry.redhat.io/rhtas/ec-rhel9:0.7@sha256:78158d37f70af60043e6ad87cddc982cc79da401b3c2e58de9323b95407c9f66 as ec
+FROM registry.redhat.io/rhtas/ec-rhel9:0.7@sha256:30f7a2eeed605f23ba68bc41f29363acc5305ff4cf9302c37ee7ac7408cfa38d as ec
 
 # Provides the Trusted Artifact Signer CLI binaries trillian-createtree and trillian-updatetree
 FROM quay.io/securesign/trillian-createtree@sha256:244758721aa1c63adfffbae31df58059ff8a06311f6cb60515eeae14b20e78ce as trillian-createtree
 FROM quay.io/securesign/trillian-updatetree@sha256:009bd24835bc7caef38b03bb82d4626f3346ee1524c544ba69f929fc820c55ae as trillian-updatetree
 
 FROM quay.io/securesign/cli-tuftool@sha256:e5d5f791ff4161a46a7b7b639f4a6af4d344a42d4078a0e74ff40fadf77b7762 as tuf-tool
 
-FROM registry.redhat.io/ubi9/httpd-24@sha256:f246cd462bd549cdb5f1ccf93e150db024962bc364048f0b8c06a9e0c2dc6a38
+FROM registry.redhat.io/ubi9/httpd-24@sha256:86a1a8b0d12c31c007dd411f7076a0cab2cc952ab8a0de74666fa09900c9fb86
 ENV APP_ROOT=/opt/app-root
 WORKDIR $APP_ROOT/src/
 
diff --git a/Dockerfile.cosign.rh b/Dockerfile.cosign.rh
@@ -1,6 +1,6 @@
 # Build stage
 
-FROM registry.redhat.io/ubi9/go-toolset:9.6@sha256:6a73e8f2d2433b4b71127970be5afc14c19144a03daef0031364734a6b03672a AS build-env
+FROM registry.redhat.io/ubi9/go-toolset:9.6@sha256:7b1828de52c3bac600a71b81996bf748776a456181a45e2b329b39702cf6486f AS build-env
 
 ENV GOEXPERIMENT=strictfipsruntime
 ENV CGO_ENABLED=1
@@ -26,7 +26,7 @@ RUN git config --global --add safe.directory /cosign && \
     git update-index --no-assume-unchanged Dockerfile.cosign.rh
 
 # Install Cosign
-FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:7c5495d5fad59aaee12abc3cbbd2b283818ee1e814b00dbc7f25bf2d14fa4f0c
+FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:34880b64c07f28f64d95737f82f891516de9a3b43583f39970f7bf8e4cfa48b7
 
 LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
 LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
