New CVEs affecting packages used to build upstream based rocks have been created in the Ubuntu CVE tracker:
* https://github.com/hashicorp/consul: CVE-2018-19653, CVE-2019-12291, CVE-2019-9764, CVE-2020-12797, CVE-2020-13170, CVE-2020-13250, CVE-2020-25201, CVE-2020-25864, CVE-2020-28053, CVE-2020-7219, CVE-2020-7955, CVE-2021-28156 * https://github.com/prometheus/prometheus: CVE-2019-3826 * https://github.com/gogo/protobuf: CVE-2021-3121 Please review your rock to understand if it is affected by these CVEs. Thank you for your rock and for attending to this matter. References: https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2018-19653 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2019-12291 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2019-9764 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-12797 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-13170 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-13250 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-25201 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-25864 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-28053 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-7219 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-7955 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-28156 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2019-3826 https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-3121 -- Mailing list: https://launchpad.net/~ubuntu-docker-images Post to : ubuntu-docker-images@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-docker-images More help : https://help.launchpad.net/ListHelp
