ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

Hi Emilia,

Thanks for forwarding this to the list :)

I rebuilt and re-tagged the postgres images for 21.10

On Fri, Nov 19, 2021 at 09:34:22AM -0300, Emilia Torino wrote:
> ---------- Forwarded message ---------
> From: <security-team-toolbox-bot@xxxxxxxxxxxxx>
> Date: Fri, Nov 19, 2021 at 2:10 AM
> Subject: postgres contains outdated Ubuntu packages
> To: <ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>, <
> sergio.durigan@xxxxxxxxxxxxx>
>
>
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r082c37dee31e (arm64; channels: edge, latest, 13-21.10_beta,
> 13-21.10_edge)
> * libpq5: 5145-1
> * postgresql-13: 5145-1
> * postgresql-client-13: 5145-1
>
> Revision r11b07b18e793 (ppc64le; channels: edge, latest, 13-21.10_beta,
> 13-21.10_edge)
> * libpq5: 5145-1
> * postgresql-13: 5145-1
> * postgresql-client-13: 5145-1
>
> Revision r36e2693e8271 (amd64; channels: edge, latest, 13-21.10_beta,
> 13-21.10_edge)
> * libpq5: 5145-1
> * postgresql-13: 5145-1
> * postgresql-client-13: 5145-1
>
> Revision r87b3df971313 (s390x; channels: edge, latest, 13-21.10_beta,
> 13-21.10_edge)
> * libpq5: 5145-1
> * postgresql-13: 5145-1
> * postgresql-client-13: 5145-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5145-1/

> --
> Mailing list: https://launchpad.net/~ubuntu-docker-images
> Post to     : ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ubuntu-docker-images
> More help   : https://help.launchpad.net/ListHelp


--
Athos Ribeiro