ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00340
Re: nginx contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, balbir.thomas@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, ryan.barry@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>
-
Date:
Thu, 13 Oct 2022 18:03:06 -0400
-
In-reply-to:
<20221013051337.9C8D240308@security-toolbox.internal> (security-team-toolbox-bot@canonical.com's message of "Thu, 13 Oct 2022 05:13:37 +0000 (UTC)")
-
User-agent:
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
On Thursday, October 13 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r78f7caf8995e (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgmp10: 5672-1
>
> Revision rbb0b133e9371 (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgmp10: 5672-1
>
> Revision rebdad0cffe00 (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgmp10: 5672-1
>
> Revision rf28362280151 (ppc64le; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgmp10: 5672-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5672-1/
Rebuilt and retagged.
--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14
References
