ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Tue, Mar 07, 2023 at 05:06:53AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r2319b70d9368 (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libtiff5: 5923-1
>
> Revision r3080393d4df7 (ppc64le; channels: 1.18-22.04_edge, 1.18-22.04_beta)
> * libtiff5: 5923-1
>
> Revision r56355416768e (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libtiff5: 5923-1
>
> Revision r7805c8fd1a81 (ppc64le; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libtiff5: 5923-1
>
> Revision r991168417401 (s390x; channels: edge, latest, 1.22-22.10_beta, 1.22-22.10_edge)
> * libtiff5: 5923-1
>
> Revision ra767b6616c49 (arm64; channels: edge, latest, 1.22-22.10_beta, 1.22-22.10_edge)
> * libtiff5: 5923-1
>
> Revision rabc248292796 (s390x; channels: 1.18-22.04_edge, 1.18-22.04_beta)
> * libtiff5: 5923-1
>
> Revision radba8835c2eb (ppc64le; channels: edge, latest, 1.22-22.10_beta, 1.22-22.10_edge)
> * libtiff5: 5923-1
>
> Revision rbf8cbece21dc (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libtiff5: 5923-1
>
> Revision rc0d087890377 (arm64; channels: 1.18-22.04_edge, 1.18-22.04_beta)
> * libtiff5: 5923-1
>
> Revision rf028eed7c829 (amd64; channels: 1.18-22.04_edge, 1.18-22.04_beta)
> * libtiff5: 5923-1
>
> Revision rf5c3c05c05f2 (amd64; channels: edge, latest, 1.22-22.10_beta, 1.22-22.10_edge)
> * libtiff5: 5923-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-5923-1/

Images re-built and re-tagged

--
Athos Ribeiro