ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #00975
nginx contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Thu, 1 Aug 2024 05:10:56 +0000 (UTC)
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r02535eae94ea (arm64; channels: 1.24-24.04_beta, latest, edge)
* libssl3t64: 6937-1
Revision r104e30060b52 (s390x; channels: 1.18-22.04_beta)
* libssl3: 6937-1
Revision r1d5c10a9942e (ppc64le; channels: 1.24-24.04_beta, latest, edge)
* libssl3t64: 6937-1
Revision r455770d1d1ed (s390x; channels: 1.24-24.04_beta, latest, edge)
* libssl3t64: 6937-1
Revision r4d8194671427 (s390x; channels: 1.18-20.04_beta)
* libssl1.1: 6937-1
Revision r6ac9c61bfcfc (arm64; channels: 1.18-22.04_beta)
* libssl3: 6937-1
Revision r79d15f3781d9 (amd64; channels: 1.18-20.04_beta)
* libssl1.1: 6937-1
Revision r8908e22dc295 (arm64; channels: 1.18-20.04_beta)
* libssl1.1: 6937-1
Revision ra84396638569 (ppc64le; channels: 1.18-20.04_beta)
* libssl1.1: 6937-1
Revision rafec269c5edd (amd64; channels: 1.18-22.04_beta)
* libssl3: 6937-1
Revision rbc51aeb36536 (amd64; channels: 1.24-24.04_beta, latest, edge)
* libssl3t64: 6937-1
Revision rbde5c9d4abc4 (ppc64le; channels: 1.18-22.04_beta)
* libssl3: 6937-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-6937-1/
Follow ups