ubuntu-docker-images team mailing list archive

Re: postgres contains outdated Ubuntu packages

 

On Wednesday, June 02 2021, noreply@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r14a331b4066a (ppc64el; channels: 12-20.04_edge, 12-20.04_beta)
>  * postgresql-12: 4972-1
>  * postgresql-client-12: 4972-1
>
> Revision r1bb6d8f2737f (s390x; channels: 12-20.04_edge, 12-20.04_beta)
>  * postgresql-12: 4972-1
>  * postgresql-client-12: 4972-1
>
> Revision r82705063e47a (amd64; channels: 12-20.04_edge, 12-20.04_beta)
>  * postgresql-12: 4972-1
>  * postgresql-client-12: 4972-1
>
> Revision rb239155417dc (arm64; channels: 12-20.04_edge, 12-20.04_beta)
>  * postgresql-12: 4972-1
>  * postgresql-client-12: 4972-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-4972-1/

FWIW I got this email today from the security and I'm already acting on
it.

I've just pinged Emi to check if there is any news about getting these
notifications sent to this list.  I'm also going to ask her to
explicitly add Athos and Bryce to the Cc list of these emails.

Thanks,

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

