ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #01033
bind9 contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Fri, 21 Feb 2025 05:17:53 -0000
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r002968b8dc16 (amd64; channels: 9.18-24.04_beta, latest, edge)
* libgnutls30t64: 7281-1
* libssl3t64: 7278-1
* libtasn1-6: 7275-2
Revision r02d0c32cc9cd (arm64; channels: 9.16-20.04_beta)
* libgnutls30: 7281-1
* libssl1.1: 7278-1
Revision r27104886c6a6 (arm64; channels: 9.20-24.10_edge)
* libgnutls30t64: 7281-1
Revision r4fcf801c6419 (s390x; channels: 9.16-20.04_beta)
* libgnutls30: 7281-1
* libssl1.1: 7278-1
Revision r51cafac68406 (s390x; channels: 9.18-22.04_beta)
* libgnutls30: 7281-1
* libssl3: 7278-1
Revision r69b275850439 (amd64; channels: 9.18-22.04_beta)
* libgnutls30: 7281-1
* libssl3: 7278-1
Revision r912dbb6c360e (arm64; channels: 9.18-22.04_beta)
* libgnutls30: 7281-1
* libssl3: 7278-1
Revision r9be8bf976dbc (ppc64le; channels: 9.16-20.04_beta)
* libgnutls30: 7281-1
* libssl1.1: 7278-1
Revision rab1b85a47a6e (amd64; channels: 9.20-24.10_edge)
* libgnutls30t64: 7281-1
Revision rc4e72825a6c6 (s390x; channels: 9.18-24.04_beta, latest, edge)
* libgnutls30t64: 7281-1
* libssl3t64: 7278-1
* libtasn1-6: 7275-2
Revision rc8f445619fe2 (amd64; channels: 9.16-20.04_beta)
* libgnutls30: 7281-1
* libssl1.1: 7278-1
Revision rd3eaade90de0 (ppc64le; channels: 9.18-22.04_beta)
* libgnutls30: 7281-1
* libssl3: 7278-1
Revision re0efa4e22d8b (ppc64le; channels: 9.18-24.04_beta, latest, edge)
* libgnutls30t64: 7281-1
* libssl3t64: 7278-1
* libtasn1-6: 7275-2
Revision re897d21afa18 (s390x; channels: 9.20-24.10_edge)
* libgnutls30t64: 7281-1
Revision rfb97fd4a84d6 (ppc64le; channels: 9.20-24.10_edge)
* libgnutls30t64: 7281-1
Revision rfe8a6f919f5e (arm64; channels: 9.18-24.04_beta, latest, edge)
* libgnutls30t64: 7281-1
* libssl3t64: 7278-1
* libtasn1-6: 7275-2
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-7275-2/
* https://ubuntu.com/security/notices/USN-7278-1/
* https://ubuntu.com/security/notices/USN-7281-1/
