From 1b0db90e438c7fb1ee5ceb2516f8a459fa7fe21a Mon Sep 17 00:00:00 2001
From: Wentao Zhang <Wentao.Zhang@windriver.com>
Date: Thu, 21 Mar 2024 00:55:46 -0700
Subject: [PATCH] Debian: openvswitch: fix
 CVE-2023-3966/CVE-2023-5366/CVE-2024-22563

Upgrade openvswitch's version from 2.15.0+ds1-2+deb11u4 to
2.15.0+ds1-2+deb11u5 to fix CVE-2023-3966/CVE-2023-5366/CVE-2024-22563

Refer to:
https://nvd.nist.gov/vuln/detail/CVE-2023-3966
https://nvd.nist.gov/vuln/detail/CVE-2023-5366
https://nvd.nist.gov/vuln/detail/CVE-2024-22563
https://security-tracker.debian.org/tracker/DSA-5640-1

Test Plan:
 Pass: downloader
 Pass: build-pkgs --clean --all
 Pass: build-image
 Pass: boot

Closes-bug: #2057984

Change-Id: I59ac7a2d64cf3f93da081a32e683d36f29055f28
Signed-off-by: Wentao Zhang <Wentao.Zhang@windriver.com>
---
 networking/openvswitch/debian/meta_data.yaml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/networking/openvswitch/debian/meta_data.yaml b/networking/openvswitch/debian/meta_data.yaml
index 66afb11d6..2343cf059 100644
--- a/networking/openvswitch/debian/meta_data.yaml
+++ b/networking/openvswitch/debian/meta_data.yaml
@@ -1,10 +1,7 @@
 ---
 debname: openvswitch
-debver: 2.15.0+ds1-2+deb11u4
-dl_path:
-  name: openvswitch-debian-2.15.0+ds1-2+deb11u4.tar.gz
-  url: https://salsa.debian.org/openstack-team/third-party/openvswitch/-/archive/debian/2.15.0+ds1-2+deb11u4/openvswitch-debian-2.15.0+ds1-2+deb11u4.tar.gz
-  sha256sum: 87d2fe0e319f66839eddfc9f6c43b7a3cd9c6c71c1b944107cc0a42d7122efd7
+debver: 2.15.0+ds1-2+deb11u5
+archive: https://snapshot.debian.org/archive/debian-security/20240320T004512Z/pool/updates/main/o/openvswitch/
 revision:
   dist: $STX_DIST
   GITREVCOUNT: