ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #01059
apache2 contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Fri, 04 Apr 2025 05:19:19 -0000
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r1d79d5ffbed1 (s390x; channels: 2.4-22.04_edge, 2.4-22.04_beta)
* gpgv: 7412-1
Revision r218c3cab24fd (ppc64le; channels: 2.4-20.04_beta, 2.4-20.04_edge)
* gpgv: 7412-1
Revision r225acb7aac50 (ppc64le; channels: 2.4-22.04_edge, 2.4-22.04_beta)
* gpgv: 7412-1
Revision r31ae3c619d03 (arm64; channels: 2.4-24.04_edge, 2.4-24.04_beta)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r4b0ab2dcc85b (amd64; channels: latest, 2.4-24.10_beta, 2.4-24.10_edge, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r71fc8cd70c80 (s390x; channels: 2.4-24.04_edge, 2.4-24.04_beta)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r8e6fdea3621f (amd64; channels: 2.4-22.04_edge, 2.4-22.04_beta)
* gpgv: 7412-1
Revision r92a0e48c5d24 (ppc64le; channels: 2.4-24.04_edge, 2.4-24.04_beta)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision ra291c3aac44c (arm64; channels: 2.4-22.04_edge, 2.4-22.04_beta)
* gpgv: 7412-1
Revision rae5cf14b8ac2 (arm64; channels: latest, 2.4-24.10_beta, 2.4-24.10_edge, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision rbe8de9915650 (ppc64le; channels: latest, 2.4-24.10_beta, 2.4-24.10_edge, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision re1ed4ec364b8 (s390x; channels: latest, 2.4-24.10_beta, 2.4-24.10_edge, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision re26251e14702 (amd64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
* gpgv: 7412-1
Revision rf888508dc2e6 (arm64; channels: 2.4-20.04_beta, 2.4-20.04_edge)
* gpgv: 7412-1
Revision rfc028448db58 (s390x; channels: 2.4-20.04_beta, 2.4-20.04_edge)
* gpgv: 7412-1
Revision rfe6cf7599dcf (amd64; channels: 2.4-24.04_edge, 2.4-24.04_beta)
* gpgv: 7412-1
* liblzma5: 7414-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-7412-1/
* https://ubuntu.com/security/notices/USN-7414-1/
