Reviewed: https://review.opendev.org/c/starlingx/tools/+/899535 Committed: https://opendev.org/starlingx/tools/commit/bdd47c99da028befbadee7c290cb2eed02fcd835 Submitter: "Zuul (22348)" Branch: master
commit bdd47c99da028befbadee7c290cb2eed02fcd835 Author: Peng Zhang <email address hidden> Date: Fri Nov 3 13:13:13 2023 +0000
Debian: yajl: fix multiple CVEs
Upgrade yajl-tools package version from 2.1.0-3 to 2.1.0-3+deb11u2, libyajl-dev package from 2.1.0-3 to 2.1.0-3+deb11u2, libyajl2 package from 2.1.0-3 to 2.1.0-3+deb11u2 to fix CVE-2017-16516/CVE-2022-24795/CVE-2023-33460.
Refer to: https://nvd.nist.gov/vuln/detail/CVE-2017-16516 https://nvd.nist.gov/vuln/detail/CVE-2022-24795 https://nvd.nist.gov/vuln/detail/CVE-2023-33460
Test Plan: Pass: downloader Pass: build-pkgs --clean --all Pass: build-image Pass: boot
Closes-bug: #2038882
Change-Id: I2095b68896d2db1eb881d8a0357d291491b6dbc1 Signed-off-by: Peng Zhang <email address hidden>
Reviewed: https:/ /review. opendev. org/c/starlingx /tools/ +/899535 /opendev. org/starlingx/ tools/commit/ bdd47c99da028be fbadee7c290cb2e ed02fcd835
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit bdd47c99da028be fbadee7c290cb2e ed02fcd835
Author: Peng Zhang <email address hidden>
Date: Fri Nov 3 13:13:13 2023 +0000
Debian: yajl: fix multiple CVEs
Upgrade yajl-tools package version from 2.1.0-3 2017-16516/ CVE-2022- 24795/CVE- 2023-33460.
to 2.1.0-3+deb11u2, libyajl-dev package from
2.1.0-3 to 2.1.0-3+deb11u2, libyajl2 package from
2.1.0-3 to 2.1.0-3+deb11u2 to fix
CVE-
Refer to: /nvd.nist. gov/vuln/ detail/ CVE-2017- 16516 /nvd.nist. gov/vuln/ detail/ CVE-2022- 24795 /nvd.nist. gov/vuln/ detail/ CVE-2023- 33460
https:/
https:/
https:/
Test Plan:
Pass: downloader
Pass: build-pkgs --clean --all
Pass: build-image
Pass: boot
Closes-bug: #2038882
Change-Id: I2095b68896d2db 1eb881d8a0357d2 91491b6dbc1
Signed-off-by: Peng Zhang <email address hidden>