starlingx
/
tools
Code Issues Proposed changes

Debian: samba : fix multiple CVEs 

Upgrade samba-libs, libwbclient0, libsmbclient to:

libsmbclient_2:4.13.13+dfsg-1~deb11u6_amd64.deb
libwbclient0_2:4.13.13+dfsg-1~deb11u6_amd64.deb
samba-libs_2:4.13.13+dfsg-1~deb11u6_amd64.deb

Refer to:
CVE-2022-2127: https://nvd.nist.gov/vuln/detail/CVE-2022-2127
CVE-2022-3437: https://nvd.nist.gov/vuln/detail/CVE-2022-3437
CVE-2023-4091: https://nvd.nist.gov/vuln/detail/CVE-2023-4091
CVE-2023-34966: https://nvd.nist.gov/vuln/detail/CVE-2023-34966
CVE-2023-34967: https://nvd.nist.gov/vuln/detail/CVE-2023-34967
CVE-2023-34968: https://nvd.nist.gov/vuln/detail/CVE-2023-34968

Test Plan:
Pass: downloader
Pass: build-pkgs --clean --all
Pass: build-image
Pass: boot

Closes-bug: #2058868

Signed-off-by: Wentao Zhang <Wentao.Zhang@windriver.com>
Change-Id: I86d5c03f410d3f00d8ff990e3f48dadff3361f41
This commit is contained in:
Wentao Zhang 2024-04-17 18:44:08 -07:00 committed by Wentao Zhang
parent 8a7e79c205
commit 8dea40d025
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian-mirror-tools/config/debian/common/base-bullseye.lst
View File

@ -655,7 +655,7 @@ libslirp-dev 4.4.0-1+deb11u2
libslirp0 4.4.0-1+deb11u2
libsm6 2:1.2.3-1
libsmartcols1 2.36.1-8+deb11u1
libsmbclient 2:4.13.13+dfsg-1~deb11u5 https://snapshot.debian.org/archive/debian/20221106T145349Z/pool/main/s/samba/libsmbclient_4.13.13+dfsg-1~deb11u5_amd64.deb
libsmbclient 2:4.13.13+dfsg-1~deb11u6 https://snapshot.debian.org/archive/debian-security/20240324T202754Z/pool/updates/main/s/samba/libsmbclient_4.13.13%2Bdfsg-1~deb11u6_amd64.deb
libsnappy1v5 1.1.8-1
libsnmp40 5.9+dfsg-4+deb11u1 https://snapshot.debian.org/archive/debian/20230524T024530Z/pool/main/n/net-snmp/libsnmp40_5.9+dfsg-4+deb11u1_amd64.deb
libsnmp-base 5.9+dfsg-4+deb11u1 https://snapshot.debian.org/archive/debian/20230524T024530Z/pool/main/n/net-snmp/libsnmp-base_5.9+dfsg-4+deb11u1_all.deb
@ -726,7 +726,7 @@ libvirglrenderer-dev 0.8.2-5+deb11u1 https://snapshot.debian.org/archive/debian
libvirglrenderer1 0.8.2-5+deb11u1 https://snapshot.debian.org/archive/debian/20221210T034654Z/pool/main/v/virglrenderer/libvirglrenderer1_0.8.2-5%2Bdeb11u1_amd64.deb
libvte-2.91-dev 0.62.3-1
libwayland-server0 1.18.0-2~exp1.1
libwbclient0 2:4.13.13+dfsg-1~deb11u5 https://snapshot.debian.org/archive/debian/20221106T145349Z/pool/main/s/samba/libwbclient0_4.13.13+dfsg-1~deb11u5_amd64.deb
libwbclient0 2:4.13.13+dfsg-1~deb11u6 https://snapshot.debian.org/archive/debian-security/20240324T202754Z/pool/updates/main/s/samba/libwbclient0_4.13.13%2Bdfsg-1~deb11u6_amd64.deb
libwireshark-dev 3.4.10-0+deb11u1
libwiretap-dev 3.4.10-0+deb11u1
libwrap0 7.6.q-31
@ -1194,7 +1194,7 @@ ruby-shadow 2.5.0-1+b4
ruby-test-unit 3.3.9-1
ruby-xmlrpc 0.3.0-2
runit-helper 2.10.3
samba-libs 2:4.13.13+dfsg-1~deb11u5 https://snapshot.debian.org/archive/debian/20221106T145349Z/pool/main/s/samba/samba-libs_4.13.13+dfsg-1~deb11u5_amd64.deb
samba-libs 2:4.13.13+dfsg-1~deb11u6 https://snapshot.debian.org/archive/debian-security/20240324T202754Z/pool/updates/main/s/samba/samba-libs_4.13.13%2Bdfsg-1~deb11u6_amd64.deb
sbsigntool 0.9.2-2
screen 4.8.0-6
sed 4.7-1