Upgrade dpkg, dpkg-dev, libdpkg-perl to the version that
CVE-2022-1664 have been fixed:
dpkg_1.20.9_amd64.deb to dpkg_1.20.10_amd64.deb
dpkg-dev_1.20.9_all.deb to dpkg-dev_1.20.10_all.deb
libdpkg-perl_1.20.9_all.deb to libdpkg-perl_1.20.10_all.deb
This fix provides the URL of the package in base-bullseye.lst to
make sure that the binary package can be downloaded no matter how
the upstream changes.
Reviewed: https:/ /review. opendev. org/c/starlingx /tools/ +/853083 /opendev. org/starlingx/ tools/commit/ db307f008448380 6b9ba37c23b665f 7b270984cd
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit db307f008448380 6b9ba37c23b665f 7b270984cd
Author: Wentao Zhang <email address hidden>
Date: Mon Aug 15 10:40:17 2022 +0800
Debian: dpkg:fix CVE-2022-1664
Upgrade dpkg, dpkg-dev, libdpkg-perl to the version that
CVE-2022-1664 have been fixed:
dpkg_ 1.20.9_ amd64.deb to dpkg_1. 20.10_amd64. deb dev_1.20. 9_all.deb to dpkg-dev_ 1.20.10_ all.deb perl_1. 20.9_all. deb to libdpkg- perl_1. 20.10_all. deb
dpkg-
libdpkg-
(Refer to https:/ /security- tracker. debian. org/tracker/ CVE-2022- 1664)
This fix provides the URL of the package in base-bullseye.lst to
make sure that the binary package can be downloaded no matter how
the upstream changes.
Closes-bug: 1986486 5424712459c2905 f51927e20cd
Signed-off-by: Wentao Zhang<email address hidden>
Change-Id: Ie4e70e4da36f01