From 1c842d5a4b8507be34e1d7959139d49472bc91b5 Mon Sep 17 00:00:00 2001
From: Zhixiong Chi <zhixiong.chi@windriver.com>
Date: Thu, 25 May 2023 17:43:15 +0800
Subject: [PATCH] multipath-tools: fix CVE-2022-41973/CVE-2022-41974

Upgrade the following sub-packages to 0.8.5-2+deb11u1
multipath-tools
multipath-tools-boot
kpartx

Refer to:
https://www.debian.org/security/2023/dsa-5366

TestPlan:
PASS: downloader
PASS: build-pkgs -a -c
PASS: build-image
PASS: Jenkins Installation.
PASS: dpkg -l |grep multipath
ii   multipath-tools                    0.8.5-2+deb11u1
ii   multipath-tools-boot               0.8.5-2+deb11u1
PASS: dpkg -l |grep kpartx
ii   kpartx                             0.8.5-2+deb11u1

Closes-Bug: 2020720

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Change-Id: Ib96070d8cf556ed476d8334133a4047dcaee166d
---
 debian-mirror-tools/config/debian/common/base-bullseye.lst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian-mirror-tools/config/debian/common/base-bullseye.lst b/debian-mirror-tools/config/debian/common/base-bullseye.lst
index 773653dd..8db3c2af 100644
--- a/debian-mirror-tools/config/debian/common/base-bullseye.lst
+++ b/debian-mirror-tools/config/debian/common/base-bullseye.lst
@@ -203,7 +203,7 @@ kernel-wedge  2.104
 keyutils  1.6.1-2
 klibc-utils  2.0.8-6.1
 kmod  28-1
-kpartx  0.8.5-2
+kpartx  0.8.5-2+deb11u1  https://snapshot.debian.org/archive/debian/20230524T024530Z/pool/main/m/multipath-tools/kpartx_0.8.5-2+deb11u1_amd64.deb
 krb5-multidev  1.18.3-6+deb11u3  https://snapshot.debian.org/archive/debian/20230108T032246Z/pool/main/k/krb5/krb5-multidev_1.18.3-6+deb11u3_amd64.deb
 less  551-2
 libacl1  2.2.53-10
@@ -756,8 +756,8 @@ mime-support  3.66
 mksh  59c-9+b2
 mokutil  0.6.0-2~deb11u1
 mount  2.36.1-8+deb11u1
-multipath-tools  0.8.5-2
-multipath-tools-boot  0.8.5-2
+multipath-tools  0.8.5-2+deb11u1  https://snapshot.debian.org/archive/debian/20230524T024530Z/pool/main/m/multipath-tools/multipath-tools_0.8.5-2+deb11u1_amd64.deb
+multipath-tools-boot  0.8.5-2+deb11u1  https://snapshot.debian.org/archive/debian/20230524T024530Z/pool/main/m/multipath-tools/multipath-tools-boot_0.8.5-2+deb11u1_all.deb
 mysql-common  5.8+1.0.7
 nano  5.4-2
 ncat  7.91+dfsg1+really7.80+dfsg1-2