From eb9852003a751b530ce811ff5503fac3af3f6641 Mon Sep 17 00:00:00 2001 From: Zhixiong Chi Date: Tue, 2 Jan 2024 01:01:45 -0800 Subject: [PATCH] haproxy: Upgrade to 2.2.9-2+deb11u6 Upgrade haproxy to 2.2.9-2+deb11u6 to fix the CVE issues CVE-2023-40225/CVE-2023-45539. Refer to: https://security-tracker.debian.org/tracker/DSA-5590-1 https://nvd.nist.gov/vuln/detail/CVE-2023-40225 https://nvd.nist.gov/vuln/detail/CVE-2023-45539 Test Plan: PASS: $downloader PASS: $build-pkgs --clean --parallel 10 PASS: $build-image PASS: Jenkins Installation PASS: dpkg -l |grep haproxy ii haproxy 2.2.9-2+deb11u6.stx.4 Closes-Bug: 2047674 Signed-off-by: Zhixiong Chi Change-Id: Ifeb5326d24fe2d2b655c9a87994401c8f1b7b05f --- base/haproxy/debian/meta_data.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/base/haproxy/debian/meta_data.yaml b/base/haproxy/debian/meta_data.yaml index 9f053e11d..b94cf25f9 100644 --- a/base/haproxy/debian/meta_data.yaml +++ b/base/haproxy/debian/meta_data.yaml @@ -1,9 +1,9 @@ --- -debver: 2.2.9-2+deb11u5 +debver: 2.2.9-2+deb11u6 dl_path: - name: haproxy-debian-2.2.9-2+deb11u5.tar.gz - url: https://salsa.debian.org/haproxy-team/haproxy/-/archive/debian/2.2.9-2+deb11u5/haproxy-debian-2.2.9-2+deb11u5.tar.gz - sha256sum: 7ac0fbbe15a733fe291031b71e550577310d9a839502102b79598d26f4501a0e + name: haproxy-debian-2.2.9-2+deb11u6.tar.gz + url: https://salsa.debian.org/haproxy-team/haproxy/-/archive/debian/2.2.9-2+deb11u6/haproxy-debian-2.2.9-2+deb11u6.tar.gz + sha256sum: 96f376b8ce24020869ee7beb6212ade9529dfa3b9f58f5bd06fac31020a67b7e revision: dist: $STX_DIST PKG_GITREVCOUNT: true