← Back to team overview

ubuntu-docker-images team mailing list archive

  1. ubuntu-docker-images team
  2. Mailing list archive
  3. Message #00146

Fwd: postgres contains outdated Ubuntu packages

  Thread PreviousDate PreviousThread Next 
This affects all ubuntu based ROCKs FYI

---------- Forwarded message ---------
From: <security-team-toolbox-bot@xxxxxxxxxxxxx>
Date: Thu, Feb 10, 2022 at 2:09 AM
Subject: postgres contains outdated Ubuntu packages
To: <ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>, <
sergio.durigan@xxxxxxxxxxxxx>


A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:

Revision r2d67df1418f8 (amd64; channels: latest, 13-21.10_edge, edge,
13-21.10_beta)
 * bsdutils: 5279-1
 * libblkid1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision r2e7fbf6a4e7b (arm64; channels: latest, 13-21.10_edge, edge,
13-21.10_beta)
 * bsdutils: 5279-1
 * libblkid1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision r362dedf5bda4 (s390x; channels: 12-20.04_beta, 12-20.04_edge)
 * bsdutils: 5279-1
 * fdisk: 5279-1
 * libblkid1: 5279-1
 * libfdisk1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision r3ce634316997 (ppc64le; channels: 12-20.04_beta, 12-20.04_edge)
 * bsdutils: 5279-1
 * fdisk: 5279-1
 * libblkid1: 5279-1
 * libfdisk1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision r91f2622f3250 (amd64; channels: 12-20.04_beta, 12-20.04_edge)
 * bsdutils: 5279-1
 * fdisk: 5279-1
 * libblkid1: 5279-1
 * libfdisk1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision rba975e69d28b (ppc64le; channels: latest, 13-21.10_edge, edge,
13-21.10_beta)
 * bsdutils: 5279-1
 * libblkid1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision re984ce151d7d (arm64; channels: 12-20.04_beta, 12-20.04_edge)
 * bsdutils: 5279-1
 * fdisk: 5279-1
 * libblkid1: 5279-1
 * libfdisk1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Revision rf3fb042151ec (s390x; channels: latest, 13-21.10_edge, edge,
13-21.10_beta)
 * bsdutils: 5279-1
 * libblkid1: 5279-1
 * libmount1: 5279-1
 * libsmartcols1: 5279-1
 * libuuid1: 5279-1
 * mount: 5279-1
 * util-linux: 5279-1

Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.

Thank you for your rock and for attending to this matter.

References:
 * https://ubuntu.com/security/notices/USN-5279-1/

Follow ups

  Thread PreviousDate PreviousThread Next