ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Wed, Nov 16, 2022 at 01:09:11PM -0300, Emilia Torino wrote:
> FYI
>
> I have just updated the list of supported rocks as requested.
>
> There is a part of this which requires a review-tools update to land so
> everyone can get this notification:
> https://code.launchpad.net/~emitorino/review-tools/+git/review-tools/+merge/433136
> .
>
> I am fw this manually in the meantime.

Thanks, Emilia!

I rebuilt and retagged these images!

> ---------- Forwarded message ---------
> From: <security-team-toolbox-bot@xxxxxxxxxxxxx>
> Date: Wed, Nov 16, 2022 at 12:41 PM
> Subject: squid contains outdated Ubuntu packages
> To: <rocks@xxxxxxxxxxxxx>, <sergio.durigan@xxxxxxxxxxxxx>
>
>
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r07de14186b55 (amd64; channels: 4.13-21.10_beta)
> * gpgv: 5503-1
> * libssl1.1: 5488-1, 5502-1
> * openssl: 5488-1, 5502-1
> * squid: 5491-1
> * squid-common: 5491-1
>
> Revision r1048e3320ad4 (ppc64le; channels: 4.13-21.04_beta)
> * libicu67: 5156-1
> * libsystemd0: 5226-1
> * libudev1: 5226-1
>
> Revision r4cb694be6be1 (amd64; channels: 4.13-21.04_beta)
> * libicu67: 5156-1
> * libsystemd0: 5226-1
> * libudev1: 5226-1
>
> Revision r603bb7f56423 (arm64; channels: 4.13-21.10_beta)
> * gpgv: 5503-1
> * libssl1.1: 5488-1, 5502-1
> * openssl: 5488-1, 5502-1
> * squid: 5491-1
> * squid-common: 5491-1
>
> Revision r61dab9271e00 (s390x; channels: 4.10-20.04_edge, 4.10-20.04_beta)
> * libsqlite3-0: 5716-1
>
> Revision r8a3630a45c65 (s390x; channels: 4.13-21.04_beta)
> * libicu67: 5156-1
> * libsystemd0: 5226-1
> * libudev1: 5226-1
>
> Revision r8c2848f9b053 (ppc64le; channels: 4.10-20.04_edge, 4.10-20.04_beta)
> * libsqlite3-0: 5716-1
>
> Revision r95f2b308420e (arm64; channels: 4.10-20.04_edge, 4.10-20.04_beta)
> * libsqlite3-0: 5716-1
>
> Revision ra6533b805747 (ppc64le; channels: 4.13-21.10_beta)
> * gpgv: 5503-1
> * libssl1.1: 5488-1, 5502-1
> * openssl: 5488-1, 5502-1
> * squid: 5491-1
> * squid-common: 5491-1
>
> Revision rb7d9d4c700b4 (s390x; channels: 4.13-21.10_beta)
> * gpgv: 5503-1
> * libssl1.1: 5488-1, 5502-1
> * openssl: 5488-1, 5502-1
> * squid: 5491-1
> * squid-common: 5491-1
>
> Revision rfa390d410fc1 (amd64; channels: 4.10-20.04_edge, 4.10-20.04_beta)
> * libsqlite3-0: 5716-1
>
> Revision rfb8fe3a9e920 (arm64; channels: 4.13-21.04_beta)
> * libicu67: 5156-1
> * libsystemd0: 5226-1
> * libudev1: 5226-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5156-1/
> * https://ubuntu.com/security/notices/USN-5226-1/
> * https://ubuntu.com/security/notices/USN-5488-1/
> * https://ubuntu.com/security/notices/USN-5491-1/
> * https://ubuntu.com/security/notices/USN-5502-1/
> * https://ubuntu.com/security/notices/USN-5503-1/
> * https://ubuntu.com/security/notices/USN-5716-1/

> --
> Mailing list: https://launchpad.net/~ubuntu-docker-images
> Post to     : ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ubuntu-docker-images
> More help   : https://help.launchpad.net/ListHelp


--
Athos Ribeiro