Upgrade libxen-dev to the version that CVE-2022-42333 have been fixed:
libxen-dev_4.14.3+32-g9de3671772-1~deb11u1_amd64.deb to
libxen-dev_4.14.5+94-ge49571868d-1_amd64.deb
And a serial of libxen-dev dependency which are libxenmisc4.14,libxencall1,
libxendevicemodel1,libxenevtchn1,libxenforeignmemory1,libxengnttab1,
libxenstore3.0,libxentoolcore1,libxentoollog1,libxenhypfs1 need also be updated.
This commit provides the URL of the package in base-bullseye.lst to fix x86/HVM
pinned cache attributes mis-handling.
Reviewed: https:/ /review. opendev. org/c/starlingx /tools/ +/879219 /opendev. org/starlingx/ tools/commit/ de6603e4ad86e29 57ccd50dbbbdb88 fa3a89634e
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit de6603e4ad86e29 57ccd50dbbbdb88 fa3a89634e
Author: Peng <email address hidden>
Date: Sat Apr 1 17:16:44 2023 +0800
Debian: libxen- dev:fix CVE-2022-42333
Upgrade libxen-dev to the version that CVE-2022-42333 have been fixed:
libxen- dev_4.14. 3+32-g9de367177 2-1~deb11u1_ amd64.deb to dev_4.14. 5+94-ge49571868 d-1_amd64. deb
libxen-
And a serial of libxen-dev dependency which are libxenmisc4. 14,libxencall1, emodel1, libxenevtchn1, libxenforeignme mory1,libxengnt tab1, 3.0,libxentoolc ore1,libxentool log1,libxenhypf s1 need also be updated.
libxendevic
libxenstore
This commit provides the URL of the package in base-bullseye.lst to fix x86/HVM
pinned cache attributes mis-handling.
(Refer to https:/ /security- tracker. debian. org/tracker/ CVE-2022- 42333)
Test plan:
PASS: build-pkgs --clean --all && build-image
Closes-bug: 2013012 5560f0721b6a98a 97ddf720b77
Signed-off-by: Peng <email address hidden>
Change-Id: I9749f16fd839fa