StarlingX

Bug #2018636
Comment #1

Comment 1 for bug 2018636

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-05-11: Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/882804
Committed: https://opendev.org/starlingx/tools/commit/3ce45d4dd5dfecef18e92fca0983abb2299df50b
Submitter: "Zuul (22348)"
Branch: master

commit 3ce45d4dd5dfecef18e92fca0983abb2299df50b
Author: Zhixiong Chi <email address hidden>
Date: Mon May 8 14:24:00 2023 +0800

erlang: fix CVE-2022-37026

    Upgrade erlang sub-packages to 23.2.6+dfsg-1+deb11u1
    erlang-asn1_23.2.6+dfsg-1+deb11u1
    erlang-base_23.2.6+dfsg-1+deb11u1
    erlang-crypto_23.2.6+dfsg-1+deb11u1
    erlang-dev_23.2.6+dfsg-1+deb11u1
    erlang-diameter_23.2.6+dfsg-1+deb11u1
    erlang-edoc_23.2.6+dfsg-1+deb11u1
    erlang-eldap_23.2.6+dfsg-1+deb11u1
    erlang-erl-docgen_23.2.6+dfsg-1+deb11u1
    erlang-eunit_23.2.6+dfsg-1+deb11u1
    erlang-ftp_23.2.6+dfsg-1+deb11u1
    erlang-inets_23.2.6+dfsg-1+deb11u1
    erlang-mnesia_23.2.6+dfsg-1+deb11u1
    erlang-odbc_23.2.6+dfsg-1+deb11u1
    erlang-os-mon_23.2.6+dfsg-1+deb11u1
    erlang-parsetools_23.2.6+dfsg-1+deb11u1
    erlang-public-key_23.2.6+dfsg-1+deb11u1
    erlang-runtime-tools_23.2.6+dfsg-1+deb11u1
    erlang-snmp_23.2.6+dfsg-1+deb11u1
    erlang-ssh_23.2.6+dfsg-1+deb11u1
    erlang-ssl_23.2.6+dfsg-1+deb11u1
    erlang-syntax-tools_23.2.6+dfsg-1+deb11u1
    erlang-tftp_23.2.6+dfsg-1+deb11u1
    erlang-tools_23.2.6+dfsg-1+deb11u1
    erlang-xmerl_23.2.6+dfsg-1+deb11u1

Refer to:
https://security-tracker.debian.org/tracker/CVE-2022-37026

TestPlan:
PASS: downloader
-a -c
/> Installation.
-l |grep erlang-
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
/>runtime-tools 1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1
1:23.2.6+dfsg-1+deb11u1

Closes-Bug: 2018636

Signed-off-by: Zhixiong Chi <email address hidden>
Change-Id: I34900d3c94c08bbd00a9ca60bdcfb76b1531bd1b

Reviewed:  https://review.opendev.org/c/starlingx/tools/+/882804
Committed: https://opendev.org/starlingx/tools/commit/3ce45d4dd5dfecef18e92fca0983abb2299df50b
Submitter: "Zuul (22348)"
Branch:    master

commit 3ce45d4dd5dfecef18e92fca0983abb2299df50b
Author: Zhixiong Chi <zhixiong.chi@windriver.com>
Date:   Mon May 8 14:24:00 2023 +0800

erlang: fix CVE-2022-37026
    
    Upgrade erlang sub-packages to 23.2.6+dfsg-1+deb11u1
    erlang-asn1_23.2.6+dfsg-1+deb11u1
    erlang-base_23.2.6+dfsg-1+deb11u1
    erlang-crypto_23.2.6+dfsg-1+deb11u1
    erlang-dev_23.2.6+dfsg-1+deb11u1
    erlang-diameter_23.2.6+dfsg-1+deb11u1
    erlang-edoc_23.2.6+dfsg-1+deb11u1
    erlang-eldap_23.2.6+dfsg-1+deb11u1
    erlang-erl-docgen_23.2.6+dfsg-1+deb11u1
    erlang-eunit_23.2.6+dfsg-1+deb11u1
    erlang-ftp_23.2.6+dfsg-1+deb11u1
    erlang-inets_23.2.6+dfsg-1+deb11u1
    erlang-mnesia_23.2.6+dfsg-1+deb11u1
    erlang-odbc_23.2.6+dfsg-1+deb11u1
    erlang-os-mon_23.2.6+dfsg-1+deb11u1
    erlang-parsetools_23.2.6+dfsg-1+deb11u1
    erlang-public-key_23.2.6+dfsg-1+deb11u1
    erlang-runtime-tools_23.2.6+dfsg-1+deb11u1
    erlang-snmp_23.2.6+dfsg-1+deb11u1
    erlang-ssh_23.2.6+dfsg-1+deb11u1
    erlang-ssl_23.2.6+dfsg-1+deb11u1
    erlang-syntax-tools_23.2.6+dfsg-1+deb11u1
    erlang-tftp_23.2.6+dfsg-1+deb11u1
    erlang-tools_23.2.6+dfsg-1+deb11u1
    erlang-xmerl_23.2.6+dfsg-1+deb11u1
    
    Refer to:
    https://security-tracker.debian.org/tracker/CVE-2022-37026
    
    TestPlan:
    PASS: downloader
    PASS: build-pkgs -a -c
    PASS: build-image
    PASS: Jenkins Installation.
    PASS: dpkg -l |grep erlang-
    ii  erlang-asn1                   1:23.2.6+dfsg-1+deb11u1
    ii  erlang-base                   1:23.2.6+dfsg-1+deb11u1
    ii  erlang-crypto                 1:23.2.6+dfsg-1+deb11u1
    ii  erlang-eldap                  1:23.2.6+dfsg-1+deb11u1
    ii  erlang-ftp                    1:23.2.6+dfsg-1+deb11u1
    ii  erlang-inets                  1:23.2.6+dfsg-1+deb11u1
    ii  erlang-mnesia                 1:23.2.6+dfsg-1+deb11u1
    ii  erlang-os-mon                 1:23.2.6+dfsg-1+deb11u1
    ii  erlang-parsetools             1:23.2.6+dfsg-1+deb11u1
    ii  erlang-public-key             1:23.2.6+dfsg-1+deb11u1
    ii  erlang-runtime-tools          1:23.2.6+dfsg-1+deb11u1
    ii  erlang-snmp                   1:23.2.6+dfsg-1+deb11u1
    ii  erlang-ssl                    1:23.2.6+dfsg-1+deb11u1
    ii  erlang-syntax-tools           1:23.2.6+dfsg-1+deb11u1
    ii  erlang-tftp                   1:23.2.6+dfsg-1+deb11u1
    ii  erlang-tools                  1:23.2.6+dfsg-1+deb11u1
    ii  erlang-xmerl                  1:23.2.6+dfsg-1+deb11u1
    
    Closes-Bug: 2018636
    
    Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
    Change-Id: I34900d3c94c08bbd00a9ca60bdcfb76b1531bd1b