ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Tue, Jun 28, 2022 at 05:15:17AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r129fb89ac02e (ppc64le; channels: edge, 2.4-22.04_edge, latest, 2.4-22.04_beta)
> * libcurl4: 5495-1
>
> Revision r17975f1f38da (amd64; channels: 2.4-21.10_beta, 2.4-21.10_edge)
> * libcurl4: 5495-1
>
> Revision r24b92a2527cc (amd64; channels: edge, 2.4-22.04_edge, latest, 2.4-22.04_beta)
> * libcurl4: 5495-1
>
> Revision r2c9a17127ce0 (ppc64le; channels: 2.4-20.04_beta, 2.4-20.04_edge)
> * libcurl4: 5495-1
>
> Revision r61a8516b4a2d (amd64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
> * libcurl4: 5495-1
>
> Revision r68d7320f7e6b (arm64; channels: edge, 2.4-22.04_edge, latest, 2.4-22.04_beta)
> * libcurl4: 5495-1
>
> Revision r7077d32918a0 (arm64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
> * libcurl4: 5495-1
>
> Revision r8ce2831b6666 (s390x; channels: edge, 2.4-22.04_edge, latest, 2.4-22.04_beta)
> * libcurl4: 5495-1
>
> Revision r99c6234fd821 (s390x; channels: 2.4-20.04_beta, 2.4-20.04_edge)
> * libcurl4: 5495-1
>
> Revision rb978ab693ec6 (ppc64le; channels: 2.4-21.10_beta, 2.4-21.10_edge)
> * libcurl4: 5495-1
>
> Revision rc3b8a93efa3d (s390x; channels: 2.4-21.10_beta, 2.4-21.10_edge)
> * libcurl4: 5495-1
>
> Revision rdf5f6e084319 (arm64; channels: 2.4-21.10_beta, 2.4-21.10_edge)
> * libcurl4: 5495-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5495-1/

These images have been rebuilt and retagged.

--
Athos Ribeiro