Debian: yajl: fix multiple CVEs
Upgrade yajl-tools package version from 2.1.0-3 to 2.1.0-3+deb11u2, libyajl-dev package from 2.1.0-3 to 2.1.0-3+deb11u2, libyajl2 package from 2.1.0-3 to 2.1.0-3+deb11u2 to fix CVE-2017-16516/CVE-2022-24795/CVE-2023-33460. Refer to: https://nvd.nist.gov/vuln/detail/CVE-2017-16516 https://nvd.nist.gov/vuln/detail/CVE-2022-24795 https://nvd.nist.gov/vuln/detail/CVE-2023-33460 Test Plan: Pass: downloader Pass: build-pkgs --clean --all Pass: build-image Pass: boot Closes-bug: #2038882 Change-Id: I2095b68896d2db1eb881d8a0357d291491b6dbc1 Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
This commit is contained in:
parent
03cb443de0
commit
bdd47c99da
@ -755,8 +755,8 @@ libxslt1-dev 1.1.34-4+deb11u1 https://snapshot.debian.org/archive/debian/2022082
|
||||
libxt6 1:1.2.0-1
|
||||
libxtables12 1.8.7-1
|
||||
libxxhash0 0.8.0-2
|
||||
libyajl-dev 2.1.0-3
|
||||
libyajl2 2.1.0-3
|
||||
libyajl-dev 2.1.0-3+deb11u2 https://snapshot.debian.org/archive/debian/20230725T030258Z/pool/main/y/yajl/libyajl-dev_2.1.0-3%2Bdeb11u2_amd64.deb
|
||||
libyajl2 2.1.0-3+deb11u2 https://snapshot.debian.org/archive/debian/20230725T030258Z/pool/main/y/yajl/libyajl2_2.1.0-3%2Bdeb11u2_amd64.deb
|
||||
libyaml-0-2 0.2.2-1
|
||||
libyaml-cpp0.6 0.6.3-9
|
||||
libz3-4 4.8.10-1
|
||||
|
@ -6,4 +6,4 @@ kexec-tools 1:2.0.20-2.1
|
||||
crash 7.2.9-2
|
||||
liblzo2-2 2.10-2
|
||||
pigz 2.6-1
|
||||
yajl-tools 2.1.0-3
|
||||
yajl-tools 2.1.0-3+deb11u2 https://snapshot.debian.org/archive/debian/20230725T030258Z/pool/main/y/yajl/yajl-tools_2.1.0-3%2Bdeb11u2_amd64.deb
|
||||
|
Loading…
x
Reference in New Issue
Block a user