StarlingX

  1. Bug #2012865
  2. Comment #2

Comment 2 for bug 2012865

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/879342
Committed: https://opendev.org/starlingx/tools/commit/a40eb966f67ca3da9d468c1425844021b68a954b
Submitter: "Zuul (22348)"
Branch: master

commit a40eb966f67ca3da9d468c1425844021b68a954b
Author: Zhang Xiao <email address hidden>
Date: Mon Apr 3 21:09:34 2023 +0800

    Debian: apache2: fix CVE-2006-20001/CVE-2023-25690

    Upgrade packages to below version to fix CVE-2006-20001/CVE-2023-25690:
    apache2_2.4.56-1~deb11u1_amd64.deb
    apache2-bin_2.4.56-1~deb11u1_amd64.deb
    apache2-data_2.4.56-1~deb11u1_all.deb
    apache2-utils_2.4.56-1~deb11u1_amd64.deb

    Refer to:
    https://nvd.nist.gov/vuln/detail/CVE-2006-20001
    https://nvd.nist.gov/vuln/detail/CVE-2023-25690

    Test Plan:
    Pass: downloader
    Pass: build-pkgs --clean --all
    Pass: build-image
    Pass: boot

    Closes-bug: #2012865

    Signed-off-by: Zhang Xiao <email address hidden>
    Change-Id: I0a608d8602558d8362c0768968e881c61b2006cc