StarlingX

  1. Bug #2020732
  2. Comment #2

Comment 2 for bug 2020732

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/884586
Committed: https://opendev.org/starlingx/integ/commit/323cc82399577fa2f6759dfe70277e138d236ac7
Submitter: "Zuul (22348)"
Branch: master

commit 323cc82399577fa2f6759dfe70277e138d236ac7
Author: Zhixiong Chi <email address hidden>
Date: Thu May 25 18:12:32 2023 +0800

    haproxy: upgrade to 2.2.9-2+deb11u5

    Fix the CVE-2023-0836 issue:
    5 bytes left uninitialized in the connection buffer

    Refer to:
    https://www.debian.org/security/2023/dsa-5388

    Test Plan:
    PASS: $downloader
    PASS: $build-pkgs --clean --parallel 10
    PASS: $build-image
    PASS: Jenkins Installation
    PASS: dpkg -l |grep haproxy
    ii haproxy 2.2.9-2+deb11u5.stx.3

    Closes-Bug: 2020732

    Signed-off-by: Zhixiong Chi <email address hidden>
    Change-Id: I8c5a938ace4b81d6adf3ddb242a6b80555c6c7d4