A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r0da4cab36843 (amd64; channels: 9.16-20.04_beta)
* login: 5745-2
* passwd: 5745-2
Revision r156cff8e885b (amd64; channels: edge, 9.18-22.10_beta, latest)
* login: 5745-1
* passwd: 5745-1
* perl-base: 5689-2
Revision r3cfcb116df37 (ppc64le; channels: 9.16-20.04_edge)
* login: 5745-2
* passwd: 5745-2
Revision r57a8f8286229 (ppc64le; channels: 9.16-20.04_beta)
* login: 5745-2
* passwd: 5745-2
Revision r60051e2b1a24 (arm64; channels: 9.16-20.04_beta)
* login: 5745-2
* passwd: 5745-2
Revision r9ee5f1b1933e (amd64; channels: 9.16-20.04_edge)
* login: 5745-2
* passwd: 5745-2
Revision rdbdf55ff2321 (arm64; channels: edge, 9.18-22.10_beta, latest)
* login: 5745-1
* passwd: 5745-1
* perl-base: 5689-2
Revision re84994a9fc9f (ppc64le; channels: edge, 9.18-22.10_beta, latest)
* login: 5745-1
* passwd: 5745-1
* perl-base: 5689-2
Revision reb71a0d95024 (s390x; channels: edge, 9.18-22.10_beta, latest)
* login: 5745-1
* passwd: 5745-1
* perl-base: 5689-2
Revision rf0585f3508f9 (s390x; channels: 9.16-20.04_beta)
* login: 5745-2
* passwd: 5745-2
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-5689-2/
* https://ubuntu.com/security/notices/USN-5745-1/
* https://ubuntu.com/security/notices/USN-5745-2/
