ubuntu-docker-images team mailing list archive

Thread
Date

Re: postgres contains outdated Ubuntu packages

To: ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
From: Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>
Date: Wed, 02 Jun 2021 14:30:53 -0400
In-reply-to: <87r1hk4avj.fsf@canonical.com> (Sergio Durigan Junior's message of "Wed, 02 Jun 2021 10:08:48 -0400")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

On Wednesday, June 02 2021, I wrote:

> On Wednesday, June 02 2021, noreply@xxxxxxxxxxxxx wrote:
>
>> A scan of this rock shows that it was built with packages from the Ubuntu
>> archive that have since received security updates. The following lists new
>> USNs for affected binary packages in each rock revision:
>>
>> Revision r14a331b4066a (ppc64el; channels: 12-20.04_edge, 12-20.04_beta)
>>  * postgresql-12: 4972-1
>>  * postgresql-client-12: 4972-1
>>
>> Revision r1bb6d8f2737f (s390x; channels: 12-20.04_edge, 12-20.04_beta)
>>  * postgresql-12: 4972-1
>>  * postgresql-client-12: 4972-1
>>
>> Revision r82705063e47a (amd64; channels: 12-20.04_edge, 12-20.04_beta)
>>  * postgresql-12: 4972-1
>>  * postgresql-client-12: 4972-1
>>
>> Revision rb239155417dc (arm64; channels: 12-20.04_edge, 12-20.04_beta)
>>  * postgresql-12: 4972-1
>>  * postgresql-client-12: 4972-1
>>
>> Simply rebuilding the rock will pull in the new security updates and
>> resolve this. If your rock also contains vendored code, now might be a
>> good time to review it for any needed updates.
>>
>> Thank you for your rock and for attending to this matter.
>>
>> References:
>>  * https://ubuntu.com/security/notices/USN-4972-1/
>
> FWIW I got this email today from the security and I'm already acting on
> it.

This has now been built, uploaded and tagged.

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

Follow ups

Re: postgres contains outdated Ubuntu packages
From: Rick Harding, 2021-06-02

References

Re: postgres contains outdated Ubuntu packages
From: Sergio Durigan Junior, 2021-06-02