ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00500
squid contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, ryan.barry@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Wed, 1 Mar 2023 05:07:49 +0000 (UTC)
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r05efdf6fc36e (amd64; channels: edge, latest, 5.6-22.10_edge, 5.6-22.10_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision r094b2fc5e6d6 (arm64; channels: 4.10-20.04_beta, 4.10-20.04_edge)
* libgnutls30: 5901-1
* tar: 5900-1
Revision r0a13f2063113 (amd64; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision r12b24a07968b (arm64; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision r34c9048cd68f (s390x; channels: edge, latest, 5.6-22.10_edge, 5.6-22.10_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision ra12cac074f94 (s390x; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rae7117cf940d (arm64; channels: edge, latest, 5.6-22.10_edge, 5.6-22.10_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rb1b60b37385e (s390x; channels: 4.10-20.04_beta, 4.10-20.04_edge)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rb6ccad80e288 (ppc64le; channels: edge, latest, 5.6-22.10_edge, 5.6-22.10_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rc5bfa96c3e6a (ppc64le; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rd1967f402046 (ppc64le; channels: 4.10-20.04_beta, 4.10-20.04_edge)
* libgnutls30: 5901-1
* tar: 5900-1
Revision rdec6c9df8f96 (amd64; channels: 4.10-20.04_beta, 4.10-20.04_edge)
* libgnutls30: 5901-1
* tar: 5900-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-5900-1/
* https://ubuntu.com/security/notices/USN-5901-1/
Follow ups
