ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00950
nginx contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Wed, 12 Jun 2024 05:13:55 +0000 (UTC)
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r0fa4fd154799 (s390x; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* libtiff5: 6827-1
Revision r2163f49fc345 (s390x; channels: 1.18-20.04_beta)
* libtiff5: 6827-1
Revision r3d6eb0d42f23 (ppc64le; channels: 1.18-20.04_beta)
* libtiff5: 6827-1
Revision r50371cac82ec (amd64; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* libtiff5: 6827-1
Revision r65228fb677ed (ppc64le; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* libtiff5: 6827-1
Revision r66de635784e0 (arm64; channels: 1.18-20.04_beta)
* libtiff5: 6827-1
Revision rb0ce68b851d5 (amd64; channels: 1.18-20.04_beta)
* libtiff5: 6827-1
Revision rb5b818c59b16 (arm64; channels: 1.18-22.04_beta, 1.18-22.04_edge)
* libtiff5: 6827-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-6827-1/
Follow ups
