Debian: syslog-ng: fix CVE-2022-38725

Upgrade packages to below version to fix CVE-2022-38725: syslog-ng_3.28.1-2+deb11u1_all.deb syslog-ng-core_3.28.1-2+deb11u1_amd64.deb syslog-ng-mod-mongodb_3.28.1-2+deb11u1_amd64.deb syslog-ng-mod-sql_3.28.1-2+deb11u1_amd64.deb Refer to: https://nvd.nist.gov/vuln/detail/CVE-2022-38725 Test Plan: Pass: downloader Pass: build-pkgs --clean --all Pass: build-image Pass: boot Closes-bug: #2012868 Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Change-Id: I5577da009521ac8e76abc35926d48f6a1955bc22
2023-04-03 21:17:58 +08:00 · 2023-04-03 21:17:58 +08:00 · 6ebfca01f4
parent 262da43244
commit 6ebfca01f4
1 changed files with 4 additions and 4 deletions
--- a/debian-mirror-tools/config/debian/common/base-bullseye.lst
+++ b/debian-mirror-tools/config/debian/common/base-bullseye.lst
@ -1172,10 +1172,10 @@ strongswan-libcharon  5.9.1-1+deb11u3  https://snapshot.debian.org/archive/debia
 strongswan-starter  5.9.1-1+deb11u3  https://snapshot.debian.org/archive/debian-security/20221006T161039Z/pool/updates/main/s/strongswan/strongswan-starter_5.9.1-1%2Bdeb11u3_amd64.deb
 sudo-ldap  1.9.5p2-3
 sysstat  12.5.2-2
-syslog-ng  3.28.1-2
-syslog-ng-core  3.28.1-2+b1
-syslog-ng-mod-mongodb  3.28.1-2+b1
-syslog-ng-mod-sql  3.28.1-2+b1
+syslog-ng  3.28.1-2+deb11u1 https://snapshot.debian.org/archive/debian/20230324T031555Z/pool/main/s/syslog-ng/syslog-ng_3.28.1-2%2Bdeb11u1_all.deb
+syslog-ng-core  3.28.1-2+deb11u1 https://snapshot.debian.org/archive/debian/20230324T031555Z/pool/main/s/syslog-ng/syslog-ng-core_3.28.1-2%2Bdeb11u1_amd64.deb
+syslog-ng-mod-mongodb  3.28.1-2+deb11u1 https://snapshot.debian.org/archive/debian/20230324T031555Z/pool/main/s/syslog-ng/syslog-ng-mod-mongodb_3.28.1-2%2Bdeb11u1_amd64.deb
+syslog-ng-mod-sql  3.28.1-2+deb11u1 https://snapshot.debian.org/archive/debian/20230324T031555Z/pool/main/s/syslog-ng/syslog-ng-mod-sql_3.28.1-2%2Bdeb11u1_amd64.deb
 syslinux-utils 3:6.04~git20190206.bf6db5b4+dfsg1-3+b1
 systemtap-sdt-dev  4.4-2
 sysvinit-utils  2.96-7+deb11u1