On Fri, Aug 18, 2023 at 2:52 AM David Lane <david.lane@xxxxxxxxxxxxx
<mailto:david.lane@xxxxxxxxxxxxx>> wrote:
Hi Cristovao, Luca and co,
I thought it might be useful if I provide just a brief high-level
overview of how our ROCK notification service works so you can
understand the limitations we have, particularly around ROCKS built
from upstream repos rather than debs.
* All of the ROCKS notification services are based on USNs we
publish or CVEs in the Ubuntu CVE Tracker (UCT).
o Important: USNs and UCT are focused purely on deb packages
in the Ubuntu archives. Therefore if it's not a deb, we have
no information about it.
* Some ROCKS are built with a manifest specifying which deb
packages they are composed of.
o For a subset[1] of these, we alert if the package version in
that ROCK needs to be updated because a USN has been
published for it.
* Separate from that, we have a list of some specific projects[2]
which we know are used to build some ROCKS, *AND *(coincidently
_but importantly_) for which a deb package exists in the Ubuntu
archives.
o Because we have a package in the archive for representing
some version of these upstream projects, information about
CVEs affecting them is available to us.
o If we identify a CVE in one of those deb packages that
represents the 'upstream' project used to build a ROCK, we
notify you that we've seen a CVE.
o *Note / limitation:* We have no information about these
upstream repos or what exact version of upstream goes into
the ROCKS. We only know that you're interested in that
project and we have some information about it because there
is a deb for it in the archive and therefore we get CVE
information and pass that directly onto yourselves.
[1]: ROCKS built with debs that we can alert for when a USN affects
them:
- apache2, bind9, charmed-opensearch, kafka, memcached, mlflow,
nginx, postres, redis, squid, zookeeper
[2]: 'upstream' packages that have also have debs and therefore CVE
information in UCT:
- consul, golang-gogoprotobuf, prometheus,
prometheus-alertmanager, (and now also) ca-certificates
David.
On Fri, Aug 18, 2023 at 3:14 AM Emilia Torino
<emilia.torino@xxxxxxxxxxxxx <mailto:emilia.torino@xxxxxxxxxxxxx>>
wrote:
On 17/8/23 12:51, Cristovao Cordeiro wrote:
> Alright, thanks. So not much. I'll leave it up to you @Emilia
Torino
> <mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>> whether you think partial
> monitoring of these images is worth it. I'd say, only if it
is a no-op
> for you.
Adding CVEs notifications affecting ca-certificates is simple, I
have
just done it. For this service we dont fetch/inspect ROCKs at
all so its
not even resources consuming.
>
> On Thu, Aug 17, 2023 at 4:02 PM Luca Bello
<luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>
> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>> wrote:
>
> __
>
> Well yes, in pretty much all of our rocks we add the
> `ca-certificates` package for TLS operations:
>
> https://packages.ubuntu.com/search?keywords=ca-certificates
<https://packages.ubuntu.com/search?keywords=ca-certificates>
>
<https://packages.ubuntu.com/search?keywords=ca-certificates
<https://packages.ubuntu.com/search?keywords=ca-certificates>>
>
> We technically use things like `npm`, `nodejs` and `go`
for builds,
> but I think that's not particularly relevant.
>
>
> Cheers,
>
> Luca
>
> On 17/08/2023 15:28, Cristovao Cordeiro wrote:
>> Well, I'd need to inspect every one of those images
before making
>> such a statement, *but, *I'd risk saying that these images,
>> although snap-/source- based, might also have additional
debs, on
>> top of the base `ubuntu` image, that deserve monitoring.
@Luca
>> Bello <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>> can you please confirm
>> that? I.e. if any of your snap-/source-based ROCKs also has
>> additional debs installed, then it's probably worth
monitoring
>> them nonetheless.
>>
>> On Thu, Aug 17, 2023 at 2:58 PM Emilia Torino
>> <emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>>
>> wrote:
>>
>> Hi!
>>
>> On Thu, Aug 17, 2023 at 9:53 AM Luca Bello
>> <luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>
<mailto:luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>>>
>> wrote:
>>
>> Hi everyone,
>>
>> that's correct, SeaweedFS is postponed :)
>>
>> On 17/08/2023 14:50, Cristovao Cordeiro wrote:
>>> Hi everyone,
>>>
>>> here's a ping just to revive this thread.
>>>
>>> @Emilia Torino
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>> you
>>> might have received some GH notifications from
me, which
>>> are related to @Luca Bello
>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>> 's images which are now
>>> being prepared to be published.
>>
>>
>> Yes, I got them and I was also going to ping you all
since
>> from our last discussion I said:
>>
>> "I did a search over the provided sources and only
found one
>> case where we have the project as a deb in the
archive, which
>> is alertmanager:
>> https://launchpad.net/ubuntu/+source/prometheus-alertmanager
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager>
>>
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager>>.
>> So unless you can confirm there are other debs in
the archive
>> matching the remaining upstream projects,
alertmanager is the
>> only one we can add to our CVEs monitoring service.
I can add
>> it right now."
>>
>>> I'm updating the list from above with the
Docker Hub
>>> repos that should be monitored:
>>>
>>> * Alertmanager
>>> (https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>
>>> <https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>>) ->
>>> https://hub.docker.com/r/ubuntu/alertmanager
<https://hub.docker.com/r/ubuntu/alertmanager>
>>> <https://hub.docker.com/r/ubuntu/alertmanager
<https://hub.docker.com/r/ubuntu/alertmanager>> (new)
>>> * Grafana Agent
(https://github.com/grafana/agent <https://github.com/grafana/agent>
>>> <https://github.com/grafana/agent
<https://github.com/grafana/agent>>) ->
>>> https://hub.docker.com/r/ubuntu/grafana-agent
<https://hub.docker.com/r/ubuntu/grafana-agent>
>>> <https://hub.docker.com/r/ubuntu/grafana-agent
<https://hub.docker.com/r/ubuntu/grafana-agent>> (new)
>>> * Grafana (https://github.com/grafana/grafana
<https://github.com/grafana/grafana>
>>> <https://github.com/grafana/grafana
<https://github.com/grafana/grafana>>) ->
>>> https://hub.docker.com/r/ubuntu/grafana
<https://hub.docker.com/r/ubuntu/grafana>
>>> <https://hub.docker.com/r/ubuntu/grafana
<https://hub.docker.com/r/ubuntu/grafana>>
>>> * Loki (https://github.com/grafana/loki
<https://github.com/grafana/loki>
>>> <https://github.com/grafana/loki
<https://github.com/grafana/loki>>) ->
>>> https://hub.docker.com/r/ubuntu/loki
<https://hub.docker.com/r/ubuntu/loki>
>>> <https://hub.docker.com/r/ubuntu/loki
<https://hub.docker.com/r/ubuntu/loki>>
>>> * Mimir (https://github.com/grafana/mimir
<https://github.com/grafana/mimir>
>>> <https://github.com/grafana/mimir
<https://github.com/grafana/mimir>>) ->
>>> https://hub.docker.com/r/ubuntu/mimir
<https://hub.docker.com/r/ubuntu/mimir>
>>> <https://hub.docker.com/r/ubuntu/mimir
<https://hub.docker.com/r/ubuntu/mimir>> (new)
>>> * SeaweedFS
(https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>
>>> <https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>>) [1]
>>> * Traefik (https://github.com/traefik/traefik
<https://github.com/traefik/traefik>
>>> <https://github.com/traefik/traefik
<https://github.com/traefik/traefik>>) ->
>>> https://hub.docker.com/r/ubuntu/traefik
<https://hub.docker.com/r/ubuntu/traefik>
>>> <https://hub.docker.com/r/ubuntu/traefik
<https://hub.docker.com/r/ubuntu/traefik>> (new)
>>
>> So unfortunately, all others can't be monitored with the
>> existing solution.
>>
>>>
>>> [1] @Luca Bello
<mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>> is this
>>> one postponed?
>>>
>>> On Mon, Jul 3, 2023 at 9:37 AM Luca Bello
>>> <luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>
>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>> wrote:
>>>
>>> Hi Emilia,
>>>
>>> that's great; thanks for following through!
>>>
>>>
>>> Cheers,
>>>
>>> Luca
>>>
>>> On 28/06/2023 22:18, Emilia Torino wrote:
>>>> Hi Luca,
>>>>
>>>> On Tue, Jun 27, 2023 at 5:11 AM Luca Bello
>>>> <luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>
>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>> wrote:
>>>>
>>>> Hi Emilia,
>>>>
>>>> I did not look into it as our short-term
>>>> priorities changed a little bit; if
you need
>>>> anything else from my side please let
me know!
>>>>
>>>>
>>>> I did a search over the provided sources
and only
>>>> found one case where we have the project
as a deb in
>>>> the archive, which is alertmanager:
>>>>
https://launchpad.net/ubuntu/+source/prometheus-alertmanager
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager>
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager
<https://launchpad.net/ubuntu/+source/prometheus-alertmanager>>
>>>>
>>>> So unless you can confirm there are other
debs in
>>>> the archive matching the remaining upstream
>>>> projects, alertmanager is the only one we
can add to
>>>> our CVEs monitoring service. I can add it
right now.
>>>>
>>>> Let me know if you have any questions.
>>>>
>>>> Emilia
>>>>
>>>>
>>>> Cheers,
>>>>
>>>> Luca
>>>>
>>>> On 22/06/2023 17:37, Emilia Torino wrote:
>>>>> Hi all,
>>>>>
>>>>> Following up on this issue...
>>>>>
>>>>> On Fri, Jun 9, 2023 at 12:41 PM
Emilia Torino
>>>>> <emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>> <mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>> wrote:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> On 9/6/23 06:20, Cristovao
Cordeiro wrote:
>>>>> > Sounds good to me. @Emilia Torino
>>>>> >
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>> do
>>>>> you need those repos to exist in
>>>>> > Docker Hub before you can
onboard these?
>>>>>
>>>>> We don't. Since we don't scan the
upstream
>>>>> based ROCKs (we only need
>>>>> this for the deb based ones).
>>>>>
>>>>> >
>>>>> > On Fri, Jun 9, 2023 at 10:42 AM
Luca
>>>>> Bello <luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>
>>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>
>>>>> >
<mailto:luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>
>>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>>> wrote:
>>>>> >
>>>>> > Hello everyone,
>>>>> >
>>>>> > as mentioned before, the
ROCKs we
>>>>> have are all based on upstream
>>>>> > projects; the list is the
following,
>>>>> as required:
>>>>> >
>>>>> > * Alertmanager
>>>>>
(https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>
>>>>>
<https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>>
>>>>> >
>>>>>
<https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>
<https://github.com/prometheus/alertmanager
<https://github.com/prometheus/alertmanager>>>)
>>>>> > * Grafana Agent
>>>>> (https://github.com/grafana/agent
<https://github.com/grafana/agent>
>>>>> <https://github.com/grafana/agent
<https://github.com/grafana/agent>>
>>>>> >
<https://github.com/grafana/agent
<https://github.com/grafana/agent>
>>>>> <https://github.com/grafana/agent
<https://github.com/grafana/agent>>>)
>>>>> > * Grafana
>>>>>
(https://github.com/grafana/grafana
<https://github.com/grafana/grafana>
>>>>>
<https://github.com/grafana/grafana
<https://github.com/grafana/grafana>>
>>>>> >
<https://github.com/grafana/grafana
<https://github.com/grafana/grafana>
>>>>>
<https://github.com/grafana/grafana
<https://github.com/grafana/grafana>>>)
>>>>> > * Loki
>>>>> (https://github.com/grafana/loki
<https://github.com/grafana/loki>
>>>>> <https://github.com/grafana/loki
<https://github.com/grafana/loki>>
>>>>> >
<https://github.com/grafana/loki <https://github.com/grafana/loki>
>>>>> <https://github.com/grafana/loki
<https://github.com/grafana/loki>>>)
>>>>> > * Mimir
>>>>> (https://github.com/grafana/mimir
<https://github.com/grafana/mimir>
>>>>> <https://github.com/grafana/mimir
<https://github.com/grafana/mimir>>
>>>>> >
<https://github.com/grafana/mimir
<https://github.com/grafana/mimir>
>>>>> <https://github.com/grafana/mimir
<https://github.com/grafana/mimir>>>)
>>>>> > * SeaweedFS
>>>>>
(https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>
>>>>>
<https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>>
>>>>> >
>>>>>
<https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>
>>>>>
<https://github.com/seaweedfs/seaweedfs
<https://github.com/seaweedfs/seaweedfs>>>)
>>>>> > * Traefik
>>>>>
(https://github.com/traefik/traefik
<https://github.com/traefik/traefik>
>>>>>
<https://github.com/traefik/traefik
<https://github.com/traefik/traefik>>
>>>>> >
<https://github.com/traefik/traefik
<https://github.com/traefik/traefik>
>>>>>
<https://github.com/traefik/traefik
<https://github.com/traefik/traefik>>>)
>>>>> >
>>>>> > Please let me know if any
of these
>>>>> qualifies!
>>>>>
>>>>> I am not sure how urgent is this,
but if
>>>>> you help me identify the Ubuntu
>>>>> source packages associated we can
make this
>>>>> faster. Otherwise we can
>>>>> work on this next week.
>>>>>
>>>>>
>>>>> Did you have a chance to check this?
>>>>>
>>>>>
>>>>> >
>>>>> >
>>>>> > Cheers,
>>>>> >
>>>>> > Luca
>>>>> >
>>>>> > On 31/05/2023 18:29, Cristovao
>>>>> Cordeiro wrote:
>>>>> >>
>>>>> >> So the only change
from our side
>>>>> will be to add
>>>>> >> prometheus to the email
>>>>> notification subject (or I guess we
>>>>> >> can just
>>>>> >> simple replace it with
"CVEs
>>>>> potentially affecting upstream based
>>>>> >> ROCKs"). Are the email
>>>>> recipients the same ones for the
other
>>>>> >> ones?
>>>>> >>
>>>>> >>
>>>>> >> I think that would be fine
for now.
>>>>> I'm reluctant to use the
>>>>> >> mailing list as a
catch-all, but I
>>>>> think we can re-design this
>>>>> >> once there is an event bus at
>>>>> Canonical, so we rely less on emails.
>>>>> >>
>>>>> >> As for the other 10 ROCKs,
@Luca Bello
>>>>> >>
<mailto:luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>
>>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>> let's
>>>>> first do the right due
>>>>> >> diligence on those, cause
if a ROCK
>>>>> is not meant to be under the
>>>>> >> "ubuntu" namespace, then this
>>>>> security monitoring doesn't need to
>>>>> >> apply.
>>>>> >>
>>>>> >> On Wed, May 31, 2023 at
3:58 PM
>>>>> Emilia Torino
>>>>> >>
<emilia.torino@xxxxxxxxxxxxx <mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>>>
>>>>> >> wrote:
>>>>> >>
>>>>> >>
>>>>> >> Hi all,
>>>>> >>
>>>>> >> On 31/5/23 04:03, Luca
Bello wrote:
>>>>> >> > Hi everyone,
>>>>> >> >
>>>>> >> > as said in the
thread already,
>>>>> the prometheus image is
>>>>> >> indeed a ROCK
>>>>> >> > based on the
>>>>> *prometheus/prometheus* repository.
>>>>> >>
>>>>> >> That's very
convenient. But just
>>>>> to be clear again, we are not
>>>>> >> "inspecting" the upstream
based rocks
>>>>> the same way we do for
>>>>> >> the deb
>>>>> >> based ones. We are only
>>>>> monitoring new CVEs created for
>>>>> >> prometheus,
>>>>> >> protobuf and consul.
So the only
>>>>> change from our side will be
>>>>> >> to add
>>>>> >> prometheus to the email
>>>>> notification subject (or I guess we
>>>>> >> can just
>>>>> >> simple replace it with
"CVEs
>>>>> potentially affecting upstream based
>>>>> >> ROCKs"). Are the email
>>>>> recipients the same ones for the
other
>>>>> >> ones?
>>>>> >>
>>>>> >> >
>>>>> >> > We're in the process of
>>>>> updating all of our ROCKs in a
>>>>> >> similar way,
>>>>> >> > meaning we want to
make sure
>>>>> we are complying with any
>>>>> >> guidelines you
>>>>> >> > might have on them.
>>>>> >> > We have about 10
ROCKs at the
>>>>> moment, mostly based on
>>>>> >> upstream projects
>>>>> >> > just like this one.
Should I
>>>>> share the full list, so you can
>>>>> >> track them?
>>>>> >>
>>>>> >> I am happy to do an
analysis of
>>>>> this list to see if we can add
>>>>> >> more. The
>>>>> >> short answer would be
that if
>>>>> the software is packaged as a
>>>>> >> deb in main
>>>>> >> or universe (which is the
>>>>> situation for prometheus, protobuf
>>>>> >> and consul)
>>>>> >> then we can simply add
them.
>>>>> This is because the service is
>>>>> >> based on the
>>>>> >> existing CVE triage
work the
>>>>> security team does, which is
>>>>> >> mainly for
>>>>> >> debs (although now is
being
>>>>> extended to other ecosystems
>>>>> >> because of SOSS
>>>>> >> but it is still
limited and
>>>>> mainly supporting NVIDIA software).
>>>>> >>
>>>>> >> A simple improvement
though
>>>>> could be to map the projects to
>>>>> >> the rocks so
>>>>> >> you dont get a general
>>>>> notification, but one per ROCK as the
>>>>> >> USNs/debs
>>>>> >> based service does. We
can work
>>>>> on adding this for the next cycle.
>>>>> >>
>>>>> >> >
>>>>> >> >
>>>>> >> > Cheers,
>>>>> >> >
>>>>> >> > Luca
>>>>> >> >
>>>>> >> >
>>>>> >> > On 31/05/2023 08:12,
Cristovao
>>>>> Cordeiro wrote:
>>>>> >> >> Thank you for the swift
>>>>> action, Emilia!
>>>>> >> >>
>>>>> >> >> > Does this
>>>>> >> >> > relate to a
question being
>>>>> asked some hours ago in
>>>>> >> >> > ~Security
>>>>> >> >>
>>>>> >>
>>>>>
https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>>>?
>>>>> >> >>
>>>>> >> >> Yes, precisely.
@Luca Bello
>>>>> >>
<mailto:luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>
>>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>
>>>>> >>
<mailto:luca.bello@xxxxxxxxxxxxx <mailto:luca.bello@xxxxxxxxxxxxx>
>>>>> <mailto:luca.bello@xxxxxxxxxxxxx
<mailto:luca.bello@xxxxxxxxxxxxx>>>> is in
>>>>> >> >> the process of
updating that
>>>>> image and we're re-doing our
>>>>> >> due diligence.
>>>>> >> >> Luca can confirm,
but this
>>>>> seems to be a ROCK based
>>>>> >> precisely on that
>>>>> >> >> upstream Prometheus
>>>>> repository that you are already
monitoring
>>>>> >> >>
>>>>> >>
>>>>>
(https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19 <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19> <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19 <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19>> <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19 <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19> <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19 <https://github.com/canonical/prometheus-rock/blob/main/rockcraft.yaml#L19>>>).
>>>>> >> >>
>>>>> >> >> Can we then add
this image to
>>>>> your list of tracked ROCKs?
>>>>> >> >>
>>>>> >> >>
>>>>> >> >> On Tue, May 30, 2023 at
>>>>> 9:45 PM Emilia Torino
>>>>> >> >>
<emilia.torino@xxxxxxxxxxxxx <mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>>> wrote:
>>>>> >> >>
>>>>> >> >> Hey all,
>>>>> >> >>
>>>>> >> >> On 30/5/23 13:14,
Emilia
>>>>> Torino wrote:
>>>>> >> >> > Hi Cristovao,
>>>>> >> >> >
>>>>> >> >> > On 30/5/23 09:41,
>>>>> Cristovao Cordeiro wrote:
>>>>> >> >> >> Hi Emilia,
>>>>> >> >> >>
>>>>> >> >> >> could you
please confirm
>>>>> the `prometheus` container
>>>>> >> image is being
>>>>> >> >> >> monitored?
>>>>> >> >> >
>>>>> >> >> > I don't see
prometheus
>>>>> being monitored by our
>>>>> >> services (not as a
>>>>> >> >> rock
>>>>> >> >> > based on
upstream source
>>>>> code nor as a rock based on
>>>>> >> debs). Does
>>>>> >> >> this
>>>>> >> >> > relate to a
question being
>>>>> asked some hours ago in
>>>>> >> >> > ~Security
>>>>> >> >>
>>>>> >>
>>>>>
https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo> <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo <https://chat.canonical.com/canonical/pl/dchhoa7wxtyiper7rbk8h43mjo>>>?
>>>>> >> >> >
>>>>> >> >> >
>>>>> >> >> > These emails'
subject only
>>>>> mentions cortex and
>>>>> >> telegraf, but
>>>>> >> >> >> I can see
>>>>>
"https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>
>>>>> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>>
>>>>> >> >> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>
>>>>> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>>>" in the body of the
>>>>> >> >> email.
>>>>> >> >> >
>>>>> >> >> > Apologize for the
>>>>> confusion, this sounds like a bug
>>>>> >> in the email
>>>>> >> >> content
>>>>> >> >> > generator code.
I will
>>>>> take a look at it later.
>>>>> >> >>
>>>>> >> >> I investigated
this bug and
>>>>> it should be solved
>>>>> >> already. There was an
>>>>> >> >> issue in the past,
but we
>>>>> fixed it already. I thought
>>>>> >> it could be
>>>>> >> >> related but I see this
>>>>> notification you are asking is
>>>>> >> from March.
>>>>> >> >> If you
>>>>> >> >> check the last
notification
>>>>> sent on Thu, May 4, 2:03 AM
>>>>> >> is correctly
>>>>> >> >> reporting about a
single
>>>>> package (cortex only).
>>>>> >> >>
>>>>> >> >> Let me know if you
have any
>>>>> further question.
>>>>> >> >>
>>>>> >> >> In this case,
only a new
>>>>> >> >> > CVE affecting
consul has
>>>>> been created in our tracker
>>>>> >> >> >
>>>>> >> >>
>>>>> >>
>>>>>
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>>>.
>>>>> >> >> >
>>>>> >> >> > Still, this does
not mean
>>>>> cortex and telegraf are
>>>>> >> affected,
>>>>> >> >> since this
>>>>> >> >> > needs triage (i.e.
>>>>> understand if the code/version
>>>>> >> present in the
>>>>> >> >> rocks
>>>>> >> >> > are indeed
vulnerable).
>>>>> >> >> >
>>>>> >> >> > FYI the reason why
>>>>> >>
https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>
>>>>> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>>
>>>>> (and
>>>>> >> >> also
>>>>> >> >> >
>>>>> https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>
>>>>> >>
>>>>>
<https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>>) are
>>>>> listed in this email, is
>>>>> >> >> because
>>>>> >> >> > these 3 are the
*only*
>>>>> upstream projects we are
>>>>> >> monitoring
>>>>> >> >> (because of
>>>>> >> >> > the bug the 3 are
>>>>> incorrectly listed in the email,
>>>>> >> only consul
>>>>> >> >> should
>>>>> >> >> > be). In other
words, we
>>>>> are not scanning every
>>>>> >> upstream source
>>>>> >> >> project
>>>>> >> >> > which is used to
build
>>>>> cortex and telegraf.
>>>>> >> >> >
>>>>> >> >> > There are
reasons why this
>>>>> service is very limited,
>>>>> >> and I hope this
>>>>> >> >> > is/was clear.
Let me know
>>>>> if you need more information.
>>>>> >> >> >
>>>>> >> >> > Emilia
>>>>> >> >> >
>>>>> >> >> >
>>>>> >> >> >>
>>>>> >> >> >> ----------
Forwarded
>>>>> message ---------
>>>>> >> >> >> From:
>>>>>
<security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>
>>>>>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>>>
>>>>> >> >> >>
>>>>>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx
<mailto:security-team-toolbox-bot@xxxxxxxxxxxxx>>>>>
>>>>> >> >> >> Date: Sat, Mar
11, 2023
>>>>> at 6:03 AM
>>>>> >> >> >> Subject:
>>>>> [Ubuntu-docker-images] CVEs
potentially
>>>>> >> affecting
>>>>> >> >> cortex and
>>>>> >> >> >> telegraf
>>>>> >> >> >> To:
>>>>>
<ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>>
>>>>> >> >> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>>>>,
>>>>> >> >> >>
>>>>> <sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>>>
>>>>> >> >>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>
>>>>>
<mailto:sergio.durigan@xxxxxxxxxxxxx
<mailto:sergio.durigan@xxxxxxxxxxxxx>>>>>,
>>>>> >> >> >>
>>>>> <emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>>
>>>>> >> >>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>
>>>>>
<mailto:emilia.torino@xxxxxxxxxxxxx
<mailto:emilia.torino@xxxxxxxxxxxxx>>>>>,
>>>>> >> >> >>
>>>>> <alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>
>>>>> <mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>
>>>>> <mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>>>
>>>>> >>
>>>>>
<mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>
>>>>> <mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>
>>>>> <mailto:alex.murray@xxxxxxxxxxxxx
<mailto:alex.murray@xxxxxxxxxxxxx>>>>>,
>>>>> >> >> >>
>>>>> <simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>>>
>>>>> >> >>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>
>>>>>
<mailto:simon.aronsson@xxxxxxxxxxxxx
<mailto:simon.aronsson@xxxxxxxxxxxxx>>>>>,
>>>>> >> >> >>
>>>>>
<dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>
>>>>>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>>>
>>>>> >> >> >>
>>>>>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx
<mailto:dylan.stephano-shachter@xxxxxxxxxxxxx>>>>>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> New CVEs affecting
>>>>> packages used to build upstream
>>>>> >> based rocks
>>>>> >> >> have been
>>>>> >> >> >> created in the
Ubuntu CVE
>>>>> tracker:
>>>>> >> >> >>
>>>>> >> >> >> *
>>>>> https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>
>>>>> >>
>>>>>
<https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>>
>>>>> >> >>
>>>>>
<https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>
>>>>> >>
>>>>>
<https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>
>>>>> <https://github.com/gogo/protobuf
<https://github.com/gogo/protobuf>>>>:
>>>>> >> >> >> *
>>>>> https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>>
>>>>> >>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>>>
>>>>> >> >> >>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>>
>>>>> >>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>
>>>>>
<https://github.com/hashicorp/consul
<https://github.com/hashicorp/consul>>>>:
>>>>> CVE-2023-0845
>>>>> >> >> >> *
>>>>> https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>
>>>>> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>>
>>>>> >> >> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>
>>>>> >>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>
>>>>>
<https://github.com/prometheus/prometheus
<https://github.com/prometheus/prometheus>>>>:
>>>>> >> >> >>
>>>>> >> >> >> Please review
your rock
>>>>> to understand if it is
>>>>> >> affected by
>>>>> >> >> these CVEs.
>>>>> >> >> >>
>>>>> >> >> >> Thank you for
your rock
>>>>> and for attending to this
>>>>> >> matter.
>>>>> >> >> >>
>>>>> >> >> >> References:
>>>>> >> >> >>
>>>>> >> >>
>>>>> >>
>>>>>
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>>>
>>>>> >> >> >>
>>>>> >> >>
>>>>> >>
>>>>>
<https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845> <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845 <https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-0845>>>>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> --
>>>>> >> >> >> Mailing list:
>>>>> >>
>>>>> https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>
>>>>> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>>
>>>>> >> >> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>
>>>>> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>>>
>>>>> >> >> >> Post to :
>>>>> >>
ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>>
>>>>> >> >> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>
>>>>> >>
>>>>>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
<mailto:ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>>>>
>>>>> >> >> >> Unsubscribe :
>>>>> >>
>>>>> https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>
>>>>> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>>
>>>>> >> >> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>
>>>>> >>
>>>>>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>
<https://launchpad.net/~ubuntu-docker-images
<https://launchpad.net/~ubuntu-docker-images>>>>
>>>>> >> >> >> More help :
>>>>> https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>>
>>>>> >>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>>>
>>>>> >> >> >>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>>
>>>>> >>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>
>>>>>
<https://help.launchpad.net/ListHelp
<https://help.launchpad.net/ListHelp>>>>
>>>>> >> >> >>
>>>>> >> >> >>
>>>>> >> >> >> --
>>>>> >> >> >> Cris
>>>>> >> >>
>>>>> >> >>
>>>>> >> >>
>>>>> >> >> --
>>>>> >> >> Cris
>>>>> >>
>>>>> >>
>>>>> >>
>>>>> >> --
>>>>> >> Cris
>>>>> > ____
>>>>> >
>>>>> >
>>>>> >
>>>>> > --
>>>>> > Cris
>>>>>
>>>
>>>
>>> --
>>> Cris
>>
>>
>>
>> --
>> Cris
>
>
>
> --
> Cris
--
Cris