starlingx/tools
Code Issues Proposed changes

Debian: erlang: fix multiple CVEs

Browse Source 
Upgrade erlang-asn1    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-base    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-crypto  to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-dev     to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-diameter to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-edoc    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-eldap   to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-erl-docgen to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-eunit    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-ftp      to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-inets    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-mnesia   to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-odbc     to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-os-mon   to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-parsetools to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-public-key to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-runtime-tools to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-snmp     to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-ssh      to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-ssl      to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-syntax-tools to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-tftp     to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-tools    to 1:23.2.6+dfsg-1+deb11u2
Upgrade erlang-xmerl    to 1:23.2.6+dfsg-1+deb11u2

Refer to:
CVE-2023-48795: https://nvd.nist.gov/vuln/detail/CVE-2023-48795
CVE-2025-26618: https://nvd.nist.gov/vuln/detail/CVE-2025-26618
CVE-2025-30211: https://nvd.nist.gov/vuln/detail/CVE-2025-30211
CVE-2025-32433: https://nvd.nist.gov/vuln/detail/CVE-2025-32433
https://security-tracker.debian.org/tracker/DLA-4132-1
https://www.tenable.com/plugins/nessus/234684

TestPlan:
PASS: downloader; build-pkgs
PASS: build-image
PASS: install on SX-lab

Closes-Bug: 2107928

Change-Id: Idc8354bffa9ab4b0d10b0cf80e3f5b7d4f085b66
Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
This commit is contained in:
Peng Zhang 2025-04-24 02:01:51 +00:00
parent 0b5db0a70b
commit 7f9d2eb420
1 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
debian-mirror-tools/config/debian/common/base-bullseye.lst
View File

@ -89,30 +89,30 @@ e2fsprogs 1.46.2-2+deb11u1 https://snapshot.debian.org/archive/debian-security/
efibootmgr 17-1
eject 2.36.1-8+deb11u2 https://snapshot.debian.org/archive/debian-security/20240331T115150Z/pool/updates/main/u/util-linux/eject_2.36.1-8%2Bdeb11u2_amd64.deb
elfutils 0.183-1
erlang-asn1 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-asn1_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-base 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-base_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-crypto 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-crypto_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-dev 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-dev_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-diameter 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-diameter_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-edoc 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-edoc_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-eldap 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-eldap_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-erl-docgen 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-erl-docgen_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-eunit 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-eunit_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-ftp 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-ftp_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-inets 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-inets_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-mnesia 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-mnesia_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-odbc 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-odbc_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-os-mon 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-os-mon_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-parsetools 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-parsetools_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-public-key 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-public-key_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-runtime-tools 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-runtime-tools_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-snmp 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-snmp_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-ssh 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-ssh_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-ssl 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-ssl_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-syntax-tools 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-syntax-tools_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-tftp 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-tftp_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-tools 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-tools_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-xmerl 1:23.2.6+dfsg-1+deb11u1 https://snapshot.debian.org/archive/debian/20230508T030704Z/pool/main/e/erlang/erlang-xmerl_23.2.6+dfsg-1+deb11u1_amd64.deb
erlang-asn1 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-asn1_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-base 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-base_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-crypto 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-crypto_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-dev 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-dev_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-diameter 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-diameter_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-edoc 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-edoc_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-eldap 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-eldap_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-erl-docgen 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-erl-docgen_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-eunit 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-eunit_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-ftp 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-ftp_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-inets 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-inets_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-mnesia 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-mnesia_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-odbc 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-odbc_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-os-mon 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-os-mon_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-parsetools 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-parsetools_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-public-key 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-public-key_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-runtime-tools 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-runtime-tools_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-snmp 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-snmp_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-ssh 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-ssh_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-ssl 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-ssl_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-syntax-tools 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-syntax-tools_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-tftp 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-tftp_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-tools 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-tools_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
erlang-xmerl 1:23.2.6+dfsg-1+deb11u2 https://snapshot.debian.org/archive/debian-security/20250420T231736Z/pool/updates/main/e/erlang/erlang-xmerl_23.2.6%2Bdfsg-1%2Bdeb11u2_amd64.deb
ethtool 1:5.9-1
expect 5.45.4-2+b1
fdisk 2.36.1-8+deb11u2 https://snapshot.debian.org/archive/debian-security/20240331T115150Z/pool/updates/main/u/util-linux/fdisk_2.36.1-8%2Bdeb11u2_amd64.deb