ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Fri, Aug 05, 2022 at 05:15:05AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r2958c3de8a0c (amd64; channels: 2.4-20.04_edge, 2.4-20.04_beta)
> * libgnutls30: 5550-1
> * libxml2: 5548-1
>
> Revision r58a563b912e7 (arm64; channels: latest, edge, 2.4-22.04_edge, 2.4-22.04_beta)
> * libgnutls30: 5550-1
>
> Revision r6ee55240c99a (arm64; channels: 2.4-20.04_edge, 2.4-20.04_beta)
> * libgnutls30: 5550-1
> * libxml2: 5548-1
>
> Revision rae87a212e72e (s390x; channels: 2.4-20.04_edge, 2.4-20.04_beta)
> * libgnutls30: 5550-1
> * libxml2: 5548-1
>
> Revision rc0f935b9cf79 (ppc64le; channels: latest, edge, 2.4-22.04_edge, 2.4-22.04_beta)
> * libgnutls30: 5550-1
>
> Revision rdac2a76e5aec (amd64; channels: latest, edge, 2.4-22.04_edge, 2.4-22.04_beta)
> * libgnutls30: 5550-1
>
> Revision rdc98e96b4d0d (s390x; channels: latest, edge, 2.4-22.04_edge, 2.4-22.04_beta)
> * libgnutls30: 5550-1
>
> Revision rfc7e69faf329 (ppc64le; channels: 2.4-20.04_edge, 2.4-20.04_beta)
> * libgnutls30: 5550-1
> * libxml2: 5548-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5548-1/
> * https://ubuntu.com/security/notices/USN-5550-1/

These images have been re-built and re-tagged.

--
Athos Ribeiro