ubuntu-docker-images team mailing list archive

Thread
Date

Re: nginx contains outdated Ubuntu packages

To: rocks@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, ryan.barry@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
From: Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>
Date: Thu, 08 Dec 2022 12:25:40 -0500
In-reply-to: <20221208050901.C49E1416F5@security-toolbox.internal> (security-team-toolbox-bot@canonical.com's message of "Thu, 8 Dec 2022 05:09:01 +0000 (UTC)")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

On Thursday, December 08 2022, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r08272f2fc312 (s390x; channels: latest, 1.22-22.10_beta, 1.22-22.10_edge, edge)
>  * libxml2: 5760-1
>
> Revision r6b7602f32f4c (s390x; channels: 1.18-22.04_beta)
>  * libxml2: 5760-1
>
> Revision ra9794aee2bfc (s390x; channels: 1.18-20.04_beta)
>  * libxml2: 5760-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
>  * https://ubuntu.com/security/notices/USN-5760-1/

Rebuilt and retagged.

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

References

nginx contains outdated Ubuntu packages
From: security-team-toolbox-bot, 2022-12-08