ubuntu-docker-images team mailing list archive

[Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>]

On Wednesday, February 23 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r27995baceacd (arm64; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r4bb72bee0038 (ppc64le; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r4cf0c79e466e (s390x; channels: 13-21.10_beta, edge, 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r556b2b9491f5 (arm64; channels: 13-21.10_beta, edge, 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r56c7fba2d3ba (s390x; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r742e27260686 (amd64; channels: 13-21.10_beta, edge, 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r913da56ed2b9 (amd64; channels: 12-20.04_edge, 12-20.04_beta)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision rc05faba91e01 (ppc64le; channels: 13-21.10_beta, edge, 13-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5301-1/

On Wednesday, February 23 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r13f4dc974d11 (arm64; channels: 1.5-20.04_beta, 1.5-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r17b48eeb7ae7 (s390x; channels: 1.5-20.04_beta, 1.5-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r2e944eb5a3e5 (s390x; channels: 1.6-21.10_beta, edge, 1.6-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r49fb849d65b7 (amd64; channels: 1.6-21.10_beta, edge, 1.6-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r54b45b772b6b (ppc64le; channels: 1.5-20.04_beta, 1.5-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r7ef28c6425b0 (arm64; channels: 1.6-21.10_beta, edge, 1.6-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision rbd97df7d234d (ppc64le; channels: 1.6-21.10_beta, edge, 1.6-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision ref70ce154495 (amd64; channels: 1.5-20.04_beta, 1.5-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5301-1/

On Wednesday, February 23 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r4e15cc189266 (amd64; channels: 2.4-21.10_beta, edge, 2.4-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r5af549049da0 (arm64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision r82d7665ea0ab (ppc64le; channels: 2.4-20.04_beta, 2.4-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision ra2b03a39df49 (s390x; channels: 2.4-21.10_beta, edge, 2.4-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision rc0d2901cef4e (s390x; channels: 2.4-20.04_beta, 2.4-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision re2cd144f4929 (amd64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision ree4d6de3e72d (arm64; channels: 2.4-21.10_beta, edge, 2.4-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Revision rf505d6382e62 (ppc64le; channels: 2.4-21.10_beta, edge, 2.4-21.10_edge, latest)
>  * libsasl2-2: 5301-1
>  * libsasl2-modules-db: 5301-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5301-1/

On Tuesday, February 22 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r064d74639bce (ppc64le; channels: 4.0-20.04_beta, 4.0-20.04_edge)
>  * libexpat1: 5288-1
>
> Revision r0bada6ba7999 (s390x; channels: 4.0-20.04_beta, 4.0-20.04_edge)
>  * libexpat1: 5288-1
>
> Revision r502d3d1f893a (arm64; channels: latest, 4.0-21.10_edge, 4.0-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision r5096ceb979ea (s390x; channels: latest, 4.0-21.10_edge, 4.0-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision r655977a12012 (arm64; channels: 4.0-20.04_beta, 4.0-20.04_edge)
>  * libexpat1: 5288-1
>
> Revision ra53482d1b3ef (ppc64le; channels: latest, 4.0-21.10_edge, 4.0-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision rc6cbc53ee0ae (amd64; channels: 4.0-20.04_beta, 4.0-20.04_edge)
>  * libexpat1: 5288-1
>
> Revision rd312eed09767 (amd64; channels: latest, 4.0-21.10_edge, 4.0-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5288-1/

On Tuesday, February 22 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r4e15cc189266 (amd64; channels: latest, 2.4-21.10_beta, 2.4-21.10_edge, edge)
>  * libexpat1: 5288-1
>
> Revision r5af549049da0 (arm64; channels: 2.4-20.04_edge, 2.4-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision r82d7665ea0ab (ppc64le; channels: 2.4-20.04_edge, 2.4-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision ra2b03a39df49 (s390x; channels: latest, 2.4-21.10_beta, 2.4-21.10_edge, edge)
>  * libexpat1: 5288-1
>
> Revision rc0d2901cef4e (s390x; channels: 2.4-20.04_edge, 2.4-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision re2cd144f4929 (amd64; channels: 2.4-20.04_edge, 2.4-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision ree4d6de3e72d (arm64; channels: latest, 2.4-21.10_beta, 2.4-21.10_edge, edge)
>  * libexpat1: 5288-1
>
> Revision rf505d6382e62 (ppc64le; channels: latest, 2.4-21.10_beta, 2.4-21.10_edge, edge)
>  * libexpat1: 5288-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5288-1/

On Tuesday, February 22 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r27a3e732c0f6 (ppc64le; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision r512fd4804e0c (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision r73d198ed2973 (amd64; channels: latest, 1.18-21.10_edge, 1.18-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision r804f44de8547 (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision ra453f620c8cc (s390x; channels: latest, 1.18-21.10_edge, 1.18-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision rb05210de7e19 (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
>  * libexpat1: 5288-1
>
> Revision rd6f42b22fe49 (ppc64le; channels: latest, 1.18-21.10_edge, 1.18-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Revision re35e62ec0cd5 (arm64; channels: latest, 1.18-21.10_edge, 1.18-21.10_beta, edge)
>  * libexpat1: 5288-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5288-1/

These have all been rebuilt and tagged.

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14