starlingx
/
tools
Code Issues Proposed changes
tools/debian-mirror-tools/config/debian
History
Zhixiong Chi 186726132a openssh: Upgrade to 8.4p1-5+deb11u3 
Upgrade the three subpackages openssh-client openssh-server
openssh-sftp-server to 8.4p1-5+deb11u3 to fix CVE issues
CVE-2023-51384/CVE-2023-28531/CVE-2023-48795/CVE-2023-51385/CVE-2021-41617

Refer to:
https://www.debian.org/security/2023/dsa-5586
https://www.tenable.com/plugins/nessus/187289
https://www.tenable.com/plugins/nessus/187213
https://nvd.nist.gov/vuln/detail/CVE-2023-51384
https://nvd.nist.gov/vuln/detail/CVE-2023-28531
https://nvd.nist.gov/vuln/detail/CVE-2023-48795
https://nvd.nist.gov/vuln/detail/CVE-2023-51385
https://nvd.nist.gov/vuln/detail/CVE-2021-41617

TestPlan:
PASS: downloader; build-pkgs; build-image
PASS: Jenkins Installation

Closes-Bug: 2047315

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Change-Id: I1c5ca1ef41a29a23b9acea3a849c390e252bcdac
 		2023-12-29 02:44:30 +00:00
..
common openssh: Upgrade to 8.4p1-5+deb11u3 2023-12-29 02:44:30 +00:00
compiler layer-and-build-type-priorities 2022-03-10 14:27:02 -05:00
containers Add dependency for package pandoc and python2.7 2023-11-13 15:00:45 +08:00
distro Debian: yajl: fix multiple CVEs 2023-11-06 10:22:43 +08:00
flock Reorganize OPAE tools package dependencies 2023-10-20 15:44:11 -03:00
openstack Add packages for containerized virtual switch tests 2023-11-24 15:45:51 -03:00