A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r0e275bca1434 (s390x; channels: 1.18-22.04_beta, 1.18-22.04_edge, latest, edge)
* libfreetype6: 5528-1
Revision r2582c5da6c52 (ppc64le; channels: 1.18-22.04_beta, 1.18-22.04_edge, latest, edge)
* libfreetype6: 5528-1
Revision r8998416b476e (amd64; channels: 1.18-22.04_beta, 1.18-22.04_edge, latest, edge)
* libfreetype6: 5528-1
Revision r9718a77cbed9 (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
* libfreetype6: 5528-1
Revision ra9cd1e8767ef (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
* libfreetype6: 5528-1
Revision rbe183fa1f9b1 (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
* libfreetype6: 5528-1
Revision re11a3508b9b9 (arm64; channels: 1.18-22.04_beta, 1.18-22.04_edge, latest, edge)
* libfreetype6: 5528-1
Revision rfc80037c5191 (ppc64le; channels: 1.18-20.04_edge, 1.18-20.04_beta)
* libfreetype6: 5528-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-5528-1/
