ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00129
Re: cassandra contains outdated Ubuntu packages
-
To:
ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>
-
Date:
Wed, 05 Jan 2022 08:02:07 -0500
-
In-reply-to:
<61bd6dc3.1c69fb81.10687.8c83SMTPIN_ADDED_MISSING@mx.google.com> (security-team-toolbox-bot@canonical.com's message of "Fri, 17 Dec 2021 21:12:35 -0800 (PST)")
-
User-agent:
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
On Saturday, December 18 2021, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r2c516c0b52cc (s390x; channels: 4.0-20.04_edge, 4.0-20.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r3e3536dfc7b3 (ppc64le; channels: 4.0-20.04_edge, 4.0-20.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r45c25ab1fe6d (arm64; channels: 4.0-21.04_edge, 4.0-21.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r4906bd316c4d (arm64; channels: latest, 4.0-21.10_beta, edge, 4.0-21.10_edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r918d2ef048da (amd64; channels: 4.0-20.04_edge, 4.0-20.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision ra6c9dd173427 (s390x; channels: latest, 4.0-21.10_beta, edge, 4.0-21.10_edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision racfad1867bf7 (ppc64le; channels: 4.0-21.04_edge, 4.0-21.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision rb33a73ecad3c (amd64; channels: latest, 4.0-21.10_beta, edge, 4.0-21.10_edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision rb65e14052a6c (ppc64le; channels: latest, 4.0-21.10_beta, edge, 4.0-21.10_edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision rc45c52be7797 (s390x; channels: 4.0-21.04_edge, 4.0-21.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision rdda0cfa88290 (amd64; channels: 4.0-21.04_edge, 4.0-21.04_beta)
> * openjdk-8-jre-headless: 5202-1
>
> Revision rf30d7159885e (arm64; channels: 4.0-20.04_edge, 4.0-20.04_beta)
> * openjdk-8-jre-headless: 5202-1
On Saturday, December 18 2021, noreply wrote:
> A scan of this snap shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each snap revision:
>
> Revision r1418 (ppc64el; channels: edge, 20.04/edge, 21.04/edge, 21.10/edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r1420 (arm64; channels: edge, 20.04/edge, 21.04/edge, 21.10/edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r1421 (amd64; channels: edge, 20.04/edge, 21.04/edge, 21.10/edge)
> * openjdk-8-jre-headless: 5202-1
>
> Revision r1423 (s390x; channels: edge, 20.04/edge, 21.04/edge, 21.10/edge)
> * openjdk-8-jre-headless: 5202-1
I've rebuilt the snap, the OCI images, and retagged them.
Thanks,
--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14
