ubuntu-docker-images team mailing list archive

[Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx>]

On Tue, Apr 16, 2024 at 05:15:28AM +0000, security-team-toolbox-bot@xxxxxxxxxxxxx wrote:
> A scan of this rock shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each rock revision:
>
> Revision r2a07ff4d6ab1 (s390x; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision r2f099a21edff (amd64; channels: 1.18-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r44fe471d5190 (s390x; channels: 1.18-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r509285d99ea3 (arm64; channels: 1.18-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r519cce248c30 (ppc64le; channels: 1.18-22.04_beta)
> * libgnutls30: 6733-1
>
> Revision r67737a2f338b (arm64; channels: 1.24-23.10_beta, latest, edge)
> * libgnutls30: 6733-1
>
> Revision r78f327ad0f68 (amd64; channels: 1.24-23.10_beta, latest, edge)
> * libgnutls30: 6733-1
>
> Revision r9bf0ba73f10a (s390x; channels: 1.24-23.10_beta, latest, edge)
> * libgnutls30: 6733-1
>
> Revision ra306ee9fa13f (arm64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rcb6445b1f7ed (ppc64le; channels: 1.24-23.10_beta, latest, edge)
> * libgnutls30: 6733-1
>
> Revision rf4d4374a1669 (amd64; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgnutls30: 6733-1
>
> Revision rfbede6e89ab1 (ppc64le; channels: 1.18-20.04_edge, 1.18-20.04_beta)
> * libgnutls30: 6733-1
>
> Simply rebuilding the rock will pull in the new security updates and
> resolve this. If your rock also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your rock and for attending to this matter.
>
> References:
> * https://ubuntu.com/security/notices/USN-6733-1/

These images have been re-built and re-tagged.

--
Athos Ribeiro