ubuntu-docker-images team mailing list archive

[security-team-toolbox-bot@xxxxxxxxxxxxx]

A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:

Revision r014747b1b749 (arm64; channels: 1.6-22.04_beta)
 * libssl3: 6937-1

Revision r0f7c216ee9f5 (amd64; channels: 1.6-24.04_beta, latest, edge)
 * libssl3t64: 6937-1

Revision r5bda72a67310 (amd64; channels: 1.5-20.04_beta)
 * libssl1.1: 6937-1

Revision r6f4eb648577f (arm64; channels: 1.6-24.04_beta, latest, edge)
 * libssl3t64: 6937-1

Revision r7dd1d3f5e178 (s390x; channels: 1.6-24.04_beta, latest, edge)
 * libssl3t64: 6937-1

Revision r838aeeeab996 (amd64; channels: 1.6-22.04_beta)
 * libssl3: 6937-1

Revision ra8a8337e2eac (ppc64le; channels: 1.6-22.04_beta)
 * libssl3: 6937-1

Revision ra8c99ca2c202 (ppc64le; channels: 1.6-24.04_beta, latest, edge)
 * libssl3t64: 6937-1

Revision rc009fb097221 (ppc64le; channels: 1.5-20.04_beta)
 * libssl1.1: 6937-1

Revision rcf8d42426a31 (s390x; channels: 1.6-22.04_beta)
 * libssl3: 6937-1

Revision rd4333e235634 (arm64; channels: 1.5-20.04_beta)
 * libssl1.1: 6937-1

Revision rd4bad9a1627d (s390x; channels: 1.5-20.04_beta)
 * libssl1.1: 6937-1

Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.

Thank you for your rock and for attending to this matter.

References:
 * https://ubuntu.com/security/notices/USN-6937-1/