ubuntu-docker-images team mailing list archive

Thread
Date

ubuntu-docker-images team
Mailing list archive
Message #00772

CVEs potentially affecting upstream based ROCKs

To: ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, emilia.torino@xxxxxxxxxxxxx, alex.murray@xxxxxxxxxxxxx, david.lane@xxxxxxxxxxxxx, paulo.smorigo@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, dylan.stephano-shachter@xxxxxxxxxxxxx
From: security-team-toolbox-bot@xxxxxxxxxxxxx
Date: Thu, 21 Dec 2023 05:06:30 +0000 (UTC)

New CVEs affecting packages used to build upstream based rocks have been
created in the Ubuntu CVE tracker:

* libssh: CVE-2023-6004, CVE-2023-6918

Please review your rock to understand if it is affected by these CVEs.

Thank you for your rock and for attending to this matter.

References:
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-6004
https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-6918