StarlingX

  1. Bug #2047674
  2. Comment #2

Comment 2 for bug 2047674

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/904482
Committed: https://opendev.org/starlingx/integ/commit/eb9852003a751b530ce811ff5503fac3af3f6641
Submitter: "Zuul (22348)"
Branch: master

commit eb9852003a751b530ce811ff5503fac3af3f6641
Author: Zhixiong Chi <email address hidden>
Date: Tue Jan 2 01:01:45 2024 -0800

    haproxy: Upgrade to 2.2.9-2+deb11u6

    Upgrade haproxy to 2.2.9-2+deb11u6 to fix the CVE issues
    CVE-2023-40225/CVE-2023-45539.

    Refer to:
    https://security-tracker.debian.org/tracker/DSA-5590-1
    https://nvd.nist.gov/vuln/detail/CVE-2023-40225
    https://nvd.nist.gov/vuln/detail/CVE-2023-45539

    Test Plan:
    PASS: $downloader
    PASS: $build-pkgs --clean --parallel 10
    PASS: $build-image
    PASS: Jenkins Installation
    PASS: dpkg -l |grep haproxy
    ii haproxy 2.2.9-2+deb11u6.stx.4

    Closes-Bug: 2047674

    Signed-off-by: Zhixiong Chi <email address hidden>
    Change-Id: Ifeb5326d24fe2d2b655c9a87994401c8f1b7b05f