starlingx/tools
Code Issues Proposed changes

Debian: apache2: fix multiple CVEs

Browse Source 
Upgrade apache2 to 2.4.61-1~deb11u1
Upgrade apache2-bin to 2.4.61-1~deb11u1
Upgrade apache2-data to 2.4.61-1~deb11u1
Upgrade apache2-utils to 2.4.61-1~deb11u1

Refer to:
https://nvd.nist.gov/vuln/detail/CVE-2024-36387
https://nvd.nist.gov/vuln/detail/CVE-2024-38473
https://nvd.nist.gov/vuln/detail/CVE-2024-38474
https://nvd.nist.gov/vuln/detail/CVE-2024-38475
https://nvd.nist.gov/vuln/detail/CVE-2024-38476
https://nvd.nist.gov/vuln/detail/CVE-2024-38477
https://nvd.nist.gov/vuln/detail/CVE-2024-39573
https://security-tracker.debian.org/tracker/DSA-5729-1
https://www.tenable.com/plugins/nessus/202232

TestPlan:
PASS: downloader; build-pkgs
PASS: build-image

Closes-Bug: 2072904
Change-Id: I93c4381bfd3b3d7ea9d801258bd52ebfd222aedf
Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
This commit is contained in:
Peng Zhang 2024-07-13 03:01:01 +00:00
parent 59934b34d6
commit 85b18e28a4
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
debian-mirror-tools/config/debian/common/base-bullseye.lst
View File

@ -4,10 +4,10 @@ acpi-support-base 0.143-5
adduser 3.118 adduser 3.118
alembic 1.4.3-1 alembic 1.4.3-1
ansible 2.10.7+merged+base+2.10.8+dfsg-1 ansible 2.10.7+merged+base+2.10.8+dfsg-1
apache2 2.4.59-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240416T183047Z/pool/updates/main/a/apache2/apache2_2.4.59-1~deb11u1_amd64.deb apache2 2.4.61-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240711T193635Z/pool/updates/main/a/apache2/apache2_2.4.61-1~deb11u1_amd64.deb
apache2-bin 2.4.59-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240416T183047Z/pool/updates/main/a/apache2/apache2-bin_2.4.59-1~deb11u1_amd64.deb apache2-bin 2.4.61-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240711T193635Z/pool/updates/main/a/apache2/apache2-bin_2.4.61-1~deb11u1_amd64.deb
apache2-data 2.4.59-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240416T183047Z/pool/updates/main/a/apache2/apache2-data_2.4.59-1~deb11u1_all.deb apache2-data 2.4.61-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240711T193635Z/pool/updates/main/a/apache2/apache2-data_2.4.61-1~deb11u1_all.deb
apache2-utils 2.4.59-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240416T183047Z/pool/updates/main/a/apache2/apache2-utils_2.4.59-1~deb11u1_amd64.deb apache2-utils 2.4.61-1~deb11u1 https://snapshot.debian.org/archive/debian-security/20240711T193635Z/pool/updates/main/a/apache2/apache2-utils_2.4.61-1~deb11u1_amd64.deb
apparmor 2.13.6-10 apparmor 2.13.6-10
apparmor-utils 2.13.6-10 apparmor-utils 2.13.6-10
apt 2.2.4 apt 2.2.4