ubuntu-docker-images team mailing list archive

Thread
Date

Re: Fwd: postgres contains outdated Ubuntu packages

To: Emilia Torino <emilia.torino@xxxxxxxxxxxxx>
From: Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>
Date: Wed, 23 Feb 2022 07:26:22 -0500
Cc: ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
In-reply-to: <CABYK4ixkduxpQDn3-gRpzzBH+EaHUr_8wpCb6fD106GtDew8eA@mail.gmail.com> (Emilia Torino's message of "Wed, 23 Feb 2022 09:19:59 -0300")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

On Wednesday, February 23 2022, Emilia Torino wrote:

> several rocks are affected FYI

Thanks, Emilia.

I'm rebuilding (and will retag) the following ROCKS:

postgresql
memcached
apache2
cassandra
nginx

On top of that, the grafana 20.04 snap also requires a rebuild; however,
unfortunately the build is failing for some reason I haven't been able
to determine so far.  I will look into it later.

> ---------- Forwarded message ---------
> From: <security-team-toolbox-bot@xxxxxxxxxxxxx>
> Date: Wed, Feb 23, 2022 at 2:10 AM
> Subject: postgres contains outdated Ubuntu packages
> To: <ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx>, <
> sergio.durigan@xxxxxxxxxxxxx>
>
>
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r27995baceacd (arm64; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r4bb72bee0038 (ppc64le; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r4cf0c79e466e (s390x; channels: 13-21.10_beta, edge,
> 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r556b2b9491f5 (arm64; channels: 13-21.10_beta, edge,
> 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r56c7fba2d3ba (s390x; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r742e27260686 (amd64; channels: 13-21.10_beta, edge,
> 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r913da56ed2b9 (amd64; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision rc05faba91e01 (ppc64le; channels: 13-21.10_beta, edge,
> 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5301-1/
> -- 
> Mailing list: https://launchpad.net/~ubuntu-docker-images
> Post to     : ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ubuntu-docker-images
> More help   : https://help.launchpad.net/ListHelp
>

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

References

Fwd: postgres contains outdated Ubuntu packages
From: Emilia Torino, 2022-02-23