← Back to team overview

ubuntu-docker-images team mailing list archive

  1. ubuntu-docker-images team
  2. Mailing list archive
  3. Message #00605

Re: memcached contains outdated Ubuntu packages

  Thread PreviousDate PreviousThread Next 
On Tue, Jun 06, 2023 at 05:15:11AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:

A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:

Revision r111de1053c5c (s390x; channels: edge, latest, 1.6-23.04_beta)
* libperl5.36: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.36: 6112-2

Revision r11e389df6806 (arm64; channels: edge, latest, 1.6-23.04_beta)
* libperl5.36: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.36: 6112-2

Revision r1ef07af2f46d (arm64; channels: 1.5-20.04_beta)
* libperl5.30: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.30: 6112-2

Revision r23af8d7e3640 (s390x; channels: 1.6-22.04_beta, 1.6-22.04_edge)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision r48d942c2e386 (s390x; channels: 1.5-20.04_beta)
* libperl5.30: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.30: 6112-2

Revision r56cb12659f6c (arm64; channels: 1.6-22.10_edge, 1.6-22.10_beta)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision r57cbef5aaa94 (amd64; channels: 1.6-22.04_beta, 1.6-22.04_edge)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision r5eae1846d188 (ppc64le; channels: 1.6-22.04_beta, 1.6-22.04_edge)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision r655b156b35ca (ppc64le; channels: 1.5-20.04_beta)
* libperl5.30: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.30: 6112-2

Revision r915e5e8a646f (amd64; channels: 1.5-20.04_beta)
* libperl5.30: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.30: 6112-2

Revision r91ac5f87fa72 (ppc64le; channels: edge, latest, 1.6-23.04_beta)
* libperl5.36: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.36: 6112-2

Revision r9492464fe0eb (amd64; channels: edge, latest, 1.6-23.04_beta)
* libperl5.36: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.36: 6112-2

Revision ra9b4664e0c22 (arm64; channels: 1.6-22.04_beta, 1.6-22.04_edge)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision rb1185dc5d285 (s390x; channels: 1.6-22.10_edge, 1.6-22.10_beta)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision rbbb03ff06a4d (ppc64le; channels: 1.6-22.10_edge, 1.6-22.10_beta)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Revision rf834a08bba61 (amd64; channels: 1.6-22.10_edge, 1.6-22.10_beta)
* libperl5.34: 6112-2
* perl: 6112-2
* perl-base: 6112-2
* perl-modules-5.34: 6112-2

Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.

Thank you for your rock and for attending to this matter.

References:
* https://ubuntu.com/security/notices/USN-6112-2/


These images have been re-built and re-tagged.

--
Athos Ribeiro

References

  Thread PreviousDate PreviousThread Next