ubuntu-docker-images team mailing list archive

Thread
Date

Re: nginx contains outdated Ubuntu packages

To: Rick Harding <rick.harding@xxxxxxxxxxxxx>
From: Emilia Torino <emilia.torino@xxxxxxxxxxxxx>
Date: Wed, 26 May 2021 12:03:06 -0300
Cc: ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
In-reply-to: <60add7ba.1c69fb81.3c2d.ca17SMTPIN_ADDED_MISSING@mx.google.com>

I am resending this email just in case it was missed.

This is the first real USN notification, affecting nginx

On Wed, May 26, 2021 at 2:08 AM <noreply@xxxxxxxxxxxxx> wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r836b863eb09b (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libx11-data: 4966-1
>
> Revision ra854378cf553 (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libx11-data: 4966-1
>
> Revision raa2cfed28d5b (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libx11-data: 4966-1
>
> Revision rcd139a404285 (ppc64el; channels: 1.18-20.04_edge,
> 1.18-20.04_beta)
>  * libx11-data: 4966-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-4966-1/
>

Follow ups

Re: nginx contains outdated Ubuntu packages
From: Sergio Durigan Junior, 2021-05-26