ubuntu-docker-images team mailing list archive

[security-team-toolbox-bot@xxxxxxxxxxxxx]

A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:

Revision r1250cabbee88 (s390x; channels: 8.0-20.04_edge, 8.0-20.04_beta)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision r138b4916fdd5 (arm64; channels: edge, 8.0-22.04_beta, 8.0-22.04_edge, latest)
 * libssl3: 5488-1
 * openssl: 5488-1

Revision r4ed65baa9765 (amd64; channels: 8.0-21.10_beta, 8.0-21.10_edge)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision r56f114c28923 (ppc64le; channels: 8.0-20.04_edge, 8.0-20.04_beta)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision r7a54d638e215 (ppc64le; channels: 8.0-21.10_beta, 8.0-21.10_edge)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision r88d762c2fe48 (s390x; channels: 8.0-21.10_beta, 8.0-21.10_edge)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision ra222d9e61bdc (amd64; channels: 8.0-20.04_edge, 8.0-20.04_beta)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision ra6aa2c0bfc20 (arm64; channels: 8.0-21.10_beta, 8.0-21.10_edge)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision re987ae33d4ce (amd64; channels: edge, 8.0-22.04_beta, 8.0-22.04_edge, latest)
 * libssl3: 5488-1
 * openssl: 5488-1

Revision rea5514c7136c (arm64; channels: 8.0-20.04_edge, 8.0-20.04_beta)
 * libssl1.1: 5488-1
 * openssl: 5488-1

Revision rf7920792d28b (s390x; channels: edge, 8.0-22.04_beta, 8.0-22.04_edge, latest)
 * libssl3: 5488-1
 * openssl: 5488-1

Revision rfb4b76124c94 (ppc64le; channels: edge, 8.0-22.04_beta, 8.0-22.04_edge, latest)
 * libssl3: 5488-1
 * openssl: 5488-1

Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.

Thank you for your rock and for attending to this matter.

References:
 * https://ubuntu.com/security/notices/USN-5488-1/