fix(azure): drop unused SignalR extension to clear MessagePack CVE-2026-48109#329
Draft
mrostan wants to merge 1 commit into
Draft
fix(azure): drop unused SignalR extension to clear MessagePack CVE-2026-48109#329mrostan wants to merge 1 commit into
mrostan wants to merge 1 commit into
Conversation
…26-48109 The Azure Functions base image bakes in the full extension bundle, whose SignalR Service extension is the sole consumer of MessagePack (verified against the bundle's function.deps.json reverse-dependency graph). MessagePack 2.5.192 carries CVE-2026-48109 (HIGH). Our Azure Function app only uses HTTP and Durable Functions triggers — never SignalR — so the entire SignalR assembly cluster is dead weight and MessagePack is reachable code we don't need. Remove it rather than patching the DLL: Docker Scout reports a .NET package only when BOTH its deps.json entry and its DLL exist on disk. Overwriting MessagePack.dll with a patched build does NOT clear the finding (Scout reads the version from the manifest, not the binary) — but deleting the DLL does. So prune_signalr_extension.py deletes the SignalR-cluster assemblies and de-registers the extension from every extensions.json, failing the build loudly if the expected targets aren't found (so a future bundle restructure can't silently let the CVE back in). The bundle version dir is globbed, so this survives the base-image bundle bumps and the pending python3.13 move. Also: - Extract the azure target into its own Dockerfile.azure. Unlike the other targets it builds FROM Microsoft's Functions base and shares nothing with the python:3.12-slim `base` stage, so a separate file is clearer; CI now passes `-f Dockerfile.azure`. Fixes the stale `Dockerfile_az` README ref. - Add resources/azure/durable_smoke_test.sh: boots the built image against Azurite and runs a Durable Functions orchestration end-to-end, asserting the host starts without SignalR and the durable runtime is healthy. Verified locally: Scout reports 0 MessagePack vulnerabilities in the built image, and the smoke test passes (orchestration reaches Completed). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
Today's vuln scan flagged a new fixable HIGH on
latest-azureonly:CVE-2026-48109—MessagePack 2.5.192(out-of-bounds read / DoS in the LZ4 path).The vulnerable
MessagePack.dllisn't one of our deps — it's baked into Microsoft'sAzure Functions extension bundle. Its sole consumer is the SignalR Service extension
(verified against the bundle's
function.deps.jsonreverse-dependency graph). Our AzureFunction app only uses HTTP + Durable Functions triggers — never SignalR — so the whole
SignalR assembly cluster is dead weight and MessagePack is reachable code we don't need.
Why delete, not patch the DLL
Docker Scout reports a .NET package only when both its
deps.jsonentry and its DLLexist on disk. I verified locally:
MessagePack.dllwith a patched 2.5.301 build → CVE still reported(Scout reads the version from the manifest, not the binary).
So we delete the SignalR-cluster assemblies and de-register the extension. As a bonus this
removes ~6 unused libraries from the image's attack surface, retiring a recurring class of
bundle-CVE findings.
Changes
resources/azure/prune_signalr_extension.py— deletes the SignalR-cluster DLLs(
MessagePack(.Annotations),Microsoft.Azure.SignalR.*,…SignalRService) from everybundle bin dir and de-registers SignalR from each
extensions.json. Fails the buildloudly if its targets aren't found (a future bundle restructure surfaces as a build error,
not a silent no-op that lets the CVE back in). Bundle version dir is globbed → survives the
pending python3.13 base bump.
Dockerfile.azure— the azure target extracted into its own file (it buildsFROMMicrosoft's Functions base and shares nothing with the
python:3.12-slimbasestage), withthe prune wired in.
Dockerfilekeeps a pointer note; CI now uses-f Dockerfile.azure.apollo/interfaces/azure/README.md— fixed the staleDockerfile_azreference; documentedthe smoke test.
resources/azure/durable_smoke_test.sh— boots the built image against Azurite and runs aDurable Functions orchestration end-to-end.
Validation (local)
the AzureStorage backend, orchestration reaches
Completed.Notes
base-layer bytes remain; reclaiming them would require flattening, which isn't worth the
fragility here. The win is vuln/attack-surface reduction, not size.
merge-queue and dev-merge builds, and dev deployment exercises Durable Functions for real — so
both regression modes are already covered. Run the smoke test locally before merging to dev and
after any base-image change.
🤖 Generated with Claude Code