ubuntu-docker-images team mailing list archive
-
ubuntu-docker-images team
-
Mailing list archive
-
Message #01063
squid contains outdated Ubuntu packages
-
To:
rocks@xxxxxxxxxxxxx, sergio.durigan@xxxxxxxxxxxxx, athos.ribeiro@xxxxxxxxxxxxx, carl.csaposs@xxxxxxxxxxxxx, dragomir.penev@xxxxxxxxxxxxx, jose.masson@xxxxxxxxxxxxx, leon.mintz@xxxxxxxxxxxxx, paulo.machado@xxxxxxxxxxxxx, simon.aronsson@xxxxxxxxxxxxx, ubuntu-docker-images@xxxxxxxxxxxxxxxxxxx
-
From:
security-team-toolbox-bot@xxxxxxxxxxxxx
-
Date:
Fri, 04 Apr 2025 05:19:29 -0000
A scan of this rock shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each rock revision:
Revision r09d486bec0fb (amd64; channels: 4.10-20.04_edge, 4.10-20.04_beta)
* gpgv: 7412-1
Revision r43f03b2753c9 (ppc64le; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* gpgv: 7412-1
Revision r4fea0db9e146 (ppc64le; channels: 6.10-24.10_beta, 6.10-24.10_edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r5575a014726c (s390x; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* gpgv: 7412-1
Revision r6dbc4ca42f5d (arm64; channels: 4.10-20.04_edge, 4.10-20.04_beta)
* gpgv: 7412-1
Revision r6e0e5193216f (amd64; channels: 6.6-24.04_edge, 6.6-24.04_beta, latest, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r856e420a13cc (s390x; channels: 4.10-20.04_edge, 4.10-20.04_beta)
* gpgv: 7412-1
Revision r8b883b06d061 (amd64; channels: 6.10-24.10_beta, 6.10-24.10_edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r96c2b78fa0c3 (ppc64le; channels: 6.6-24.04_edge, 6.6-24.04_beta, latest, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision r99a6508df2d3 (arm64; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* gpgv: 7412-1
Revision r9f006c72a458 (ppc64le; channels: 4.10-20.04_edge, 4.10-20.04_beta)
* gpgv: 7412-1
Revision rba984af56c4c (amd64; channels: 5.2-22.04_edge, 5.2-22.04_beta)
* gpgv: 7412-1
Revision rcabb358e2971 (arm64; channels: 6.6-24.04_edge, 6.6-24.04_beta, latest, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision rdfddb8ff6aea (s390x; channels: 6.6-24.04_edge, 6.6-24.04_beta, latest, edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision re2112b46dc07 (s390x; channels: 6.10-24.10_beta, 6.10-24.10_edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Revision rf514d647c492 (arm64; channels: 6.10-24.10_beta, 6.10-24.10_edge)
* gpgv: 7412-1
* liblzma5: 7414-1
Simply rebuilding the rock will pull in the new security updates and
resolve this. If your rock also contains vendored code, now might be a
good time to review it for any needed updates.
Thank you for your rock and for attending to this matter.
References:
* https://ubuntu.com/security/notices/USN-7412-1/
* https://ubuntu.com/security/notices/USN-7414-1/
