ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00602
nginx contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, ryan.barry@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Tue, 6 Jun 2023 05:15:12 +0000 (UTC)
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r1106af95ef6b (amd64; channels: 1.22-22.10_beta)
* perl-base: 6112-2
Revision r3ce7099ff91d (ppc64le; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* perl-base: 6112-2
Revision r550604ba45d3 (amd64; channels: edge, latest, 1.22-23.04_beta)
* perl-base: 6112-2
Revision r5ce806cf96b3 (ppc64le; channels: 1.22-22.10_beta)
* perl-base: 6112-2
Revision r8e284f404c43 (arm64; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* perl-base: 6112-2
Revision ra064e4051487 (arm64; channels: edge, latest, 1.22-23.04_beta)
* perl-base: 6112-2
Revision ra1cfc451e24a (amd64; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* perl-base: 6112-2
Revision rab687d916cf9 (s390x; channels: 1.22-22.10_beta)
* perl-base: 6112-2
Revision raf052bbebafe (arm64; channels: 1.22-22.10_beta)
* perl-base: 6112-2
Revision rb85d57b04746 (s390x; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* perl-base: 6112-2
Revision rc84841efea8b (arm64; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* perl-base: 6112-2
Revision rccfe443591f6 (ppc64le; channels: edge, latest, 1.22-23.04_beta)
* perl-base: 6112-2
Revision rd07453267f71 (ppc64le; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* perl-base: 6112-2
Revision re28156190190 (s390x; channels: edge, latest, 1.22-23.04_beta)
* perl-base: 6112-2
Revision ref17a75cd170 (s390x; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* perl-base: 6112-2
Revision rf024349b1a44 (amd64; channels: 1.18-20.04_beta, 1.18-20.04_edge)
* perl-base: 6112-2
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-6112-2/
Follow ups
