ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00089
Re: CVEs potentially affecting cortex and telegraf
On Thu, Sep 09, 2021 at 05:00:47AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
New CVEs affecting packages used to build upstream based rocks have been
created in the Ubuntu CVE tracker:
* https://github.com/hashicorp/consul: CVE-2021-37219, CVE-2021-38698
* https://github.com/prometheus/prometheus:
* https://github.com/gogo/protobuf:
Please review your rock to understand if it is affected by these CVEs.
Thank you for your rock and for attending to this matter.
References:
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-37219
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-38698
--
Mailing list: https://launchpad.net/~ubuntu-docker-images
Post to : ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~ubuntu-docker-images
More help : https://help.launchpad.net/ListHelp
Hello everyone!
Just a heads up that I am checking this one now.
I'd also like to confirm that I got the email in the list (so the issue
where the list was not receiving these emails seems to be fixed).
Moreover, thank you, Emilia, for including the names of the potentially
affected images in the subject. While not urgent, for the future, when
the number of published images gets higher, it would be nice to also
include the tags of those images!
Best regards,
--
Athos Ribeiro
Follow ups
References