ubuntu-docker-images team mailing list archive

[Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>]

On Wednesday, August 25 2021, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r29dbc503214e (arm64; channels: latest, 8.0-21.04_beta, edge, 8.0-21.04_edge)
>  * openssl: 5051-1
>
> Revision r2ca0e95a6c6e (amd64; channels: 8.0-20.04_edge, 8.0-20.04_beta)
>  * openssl: 5051-1
>
> Revision r51e6e1d24b11 (amd64; channels: latest, 8.0-21.04_beta, edge, 8.0-21.04_edge)
>  * openssl: 5051-1
>
> Revision r6900b49498f0 (s390x; channels: latest, 8.0-21.04_beta, edge, 8.0-21.04_edge)
>  * openssl: 5051-1
>
> Revision r8985eb3dcf23 (s390x; channels: 8.0-20.04_edge, 8.0-20.04_beta)
>  * openssl: 5051-1
>
> Revision rc7fa50ddb45b (arm64; channels: 8.0-20.04_edge, 8.0-20.04_beta)
>  * openssl: 5051-1
>
> Revision rdd029c63f40e (ppc64le; channels: latest, 8.0-21.04_beta, edge, 8.0-21.04_edge)
>  * openssl: 5051-1
>
> Revision rfcbac702d6c0 (ppc64le; channels: 8.0-20.04_edge, 8.0-20.04_beta)
>  * openssl: 5051-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.

This is the notification I got for the mysql OCI image.  I'm rebuilding
and will retag it soon.

Thanks,

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14