ubuntu-docker-images team mailing list archive

Thread
Date

Re: postgres contains outdated Ubuntu packages

To: security-team-toolbox-bot@xxxxxxxxxxxxx
From: Paulo Machado <paulo.machado@xxxxxxxxxxxxx>
Date: Thu, 20 Oct 2022 15:43:35 -0300
Cc: balbir.thomas@xxxxxxxxxxxxx, ryan.barry@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, rocks@xxxxxxxxxxxxx
In-reply-to: <20221020051623.30933400BC@security-toolbox.internal>

Rebuilt and retagged!

On Thu, Oct 20, 2022 at 2:16 AM <security-team-toolbox-bot@xxxxxxxxxxxxx>
wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r0a60adaa6fa8 (amd64; channels: edge, 14-22.04_edge,
> 14-22.04_beta, latest)
>  * libperl5.34: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.34: 5689-1
>
> Revision r517c4fdee650 (arm64; channels: 12-20.04_beta, 12-20.04_edge)
>  * libperl5.30: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.30: 5689-1
>
> Revision r921aa20821c4 (amd64; channels: 12-20.04_beta, 12-20.04_edge)
>  * libperl5.30: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.30: 5689-1
>
> Revision rbdbf7f9e67dc (ppc64le; channels: 12-20.04_beta, 12-20.04_edge)
>  * libperl5.30: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.30: 5689-1
>
> Revision rc525d3ee432d (ppc64le; channels: edge, 14-22.04_edge,
> 14-22.04_beta, latest)
>  * libperl5.34: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.34: 5689-1
>
> Revision rcc4f38631785 (s390x; channels: edge, 14-22.04_edge,
> 14-22.04_beta, latest)
>  * libperl5.34: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.34: 5689-1
>
> Revision rd02aa71227c3 (arm64; channels: edge, 14-22.04_edge,
> 14-22.04_beta, latest)
>  * libperl5.34: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.34: 5689-1
>
> Revision rf506fb1848b3 (s390x; channels: 12-20.04_beta, 12-20.04_edge)
>  * libperl5.30: 5689-1
>  * perl: 5689-1
>  * perl-base: 5689-1
>  * perl-modules-5.30: 5689-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5689-1/
>

References

postgres contains outdated Ubuntu packages
From: security-team-toolbox-bot, 2022-10-20