ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Tue, Apr 16, 2024 at 05:15:25AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r3d6bbeb65d24 (ppc64le; channels: 1.6-23.10_edge, latest, 1.6-23.10_beta, edge)
> * libgnutls30: 6733-1
>
> Revision r56f2a9af6bd8 (arm64; channels: 1.6-23.10_edge, latest, 1.6-23.10_beta, edge)
> * libgnutls30: 6733-1
>
> Revision r570a7f91fd4b (amd64; channels: 1.6-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r71130904db58 (s390x; channels: 1.6-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r865a2b9f2d45 (amd64; channels: 1.6-23.10_edge, latest, 1.6-23.10_beta, edge)
> * libgnutls30: 6733-1
>
> Revision ra3a3bf3e8d10 (amd64; channels: 1.5-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rbea6db98fbf3 (s390x; channels: 1.5-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rc5fe2a55ca4b (arm64; channels: 1.5-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rca59db3d9c69 (ppc64le; channels: 1.5-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rd9b80518578a (arm64; channels: 1.6-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision re329a49d013f (s390x; channels: 1.6-23.10_edge, latest, 1.6-23.10_beta, edge)
> * libgnutls30: 6733-1
>
> Revision rf9e564534e8e (ppc64le; channels: 1.6-22.04_beta)
> * libgnutls30: 6733-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-6733-1/

These images have been re-built and re-tagged.

--
Athos Ribeiro