A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r0d06385b5b41 (amd64; channels: 1.18-22.04_beta)
* libfreetype6: 6062-1
Revision r1059304d1ee0 (ppc64le; channels: 1.22-22.10_beta)
* libfreetype6: 6062-1
Revision r20154d3b48ed (ppc64le; channels: edge, 1.22-23.04_edge, latest, 1.22-23.04_beta)
* libfreetype6: 6062-1
Revision r3c9fb4aa3ac1 (s390x; channels: 1.18-22.04_beta)
* libfreetype6: 6062-1
Revision r43d704f10d1e (amd64; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* libfreetype6: 6062-1
Revision r57086d1af0b0 (amd64; channels: 1.22-22.10_beta)
* libfreetype6: 6062-1
Revision r84ea5a139456 (arm64; channels: edge, 1.22-23.04_edge, latest, 1.22-23.04_beta)
* libfreetype6: 6062-1
Revision r952a83c297ec (arm64; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* libfreetype6: 6062-1
Revision ra1e553414680 (ppc64le; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* libfreetype6: 6062-1
Revision rb6abbe9a1b7f (s390x; channels: 1.22-22.10_beta)
* libfreetype6: 6062-1
Revision rb8663afa4d24 (arm64; channels: 1.18-22.04_beta)
* libfreetype6: 6062-1
Revision rb90fbe01c7f9 (amd64; channels: edge, 1.22-23.04_edge, latest, 1.22-23.04_beta)
* libfreetype6: 6062-1
Revision rc876b7be86bf (s390x; channels: edge, 1.22-23.04_edge, latest, 1.22-23.04_beta)
* libfreetype6: 6062-1
Revision rc9d2d797d95a (s390x; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* libfreetype6: 6062-1
Revision re11f782c456b (arm64; channels: 1.22-22.10_beta)
* libfreetype6: 6062-1
Revision re6ba887ecca8 (ppc64le; channels: 1.18-22.04_beta)
* libfreetype6: 6062-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-6062-1/
