Debian:libaprutil1:fix CVE-2022-25147
Upgrade libaprutil1,libaprutil1,libaprutil1-ldap to the version that CVE-2022-25147 have been fixed: libaprutil1_1.6.1-5_amd64.deb to libaprutil1_1.6.1-5+deb11u1_amd64.deb libaprutil1-dbd-sqlite3_1.6.1-5_amd64.deb to libaprutil1-dbd-sqlite3_1.6.1-5+deb11u1_amd64.deb libaprutil1-ldap_1.6.1-5_amd64.deb to libaprutil1-ldap_1.6.1-5+deb11u1_amd64.deb This commit fixes Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) to avoid an attacker writing beyond bounds of a buffer. (Refer to https://security-tracker.debian.org/tracker/CVE-2022-25147) Test plan: PASS: build-pkgs --clean --all && build-image Closes-bug: 2009333 Signed-off-by: Peng <Peng.Zhang2@windriver.com> Change-Id: I139b3d51df946004da3041f7e6438a475204bbff
This commit is contained in:
parent
066f34ea9e
commit
b9fc758861
@ -207,9 +207,9 @@ libapache2-mod-wsgi-py3 4.7.1-3+b1
|
||||
libapparmor-dev 2.13.6-10
|
||||
libapparmor1 2.13.6-10
|
||||
libapr1 1.7.0-6+deb11u1
|
||||
libaprutil1 1.6.1-5
|
||||
libaprutil1-dbd-sqlite3 1.6.1-5
|
||||
libaprutil1-ldap 1.6.1-5
|
||||
libaprutil1 1.6.1-5+deb11u1 https://snapshot.debian.org/archive/debian-security/20230226T132716Z/pool/updates/main/a/apr-util/libaprutil1_1.6.1-5%2Bdeb11u1_amd64.deb
|
||||
libaprutil1-dbd-sqlite3 1.6.1-5+deb11u1 https://snapshot.debian.org/archive/debian-security/20230226T132716Z/pool/updates/main/a/apr-util/libaprutil1-dbd-sqlite3_1.6.1-5%2Bdeb11u1_amd64.deb
|
||||
libaprutil1-ldap 1.6.1-5+deb11u1 https://snapshot.debian.org/archive/debian-security/20230226T132716Z/pool/updates/main/a/apr-util/libaprutil1-ldap_1.6.1-5%2Bdeb11u1_amd64.deb
|
||||
libapt-pkg6.0 2.2.4
|
||||
libarchive13 3.4.3-2+deb11u1
|
||||
libarchive-zip-perl 1.68-1
|
||||
|
Loading…
Reference in New Issue
Block a user