[Security] Fix the krb5 vulnerability issue (#17914)
### Why I did it Fix the krb5 vulnerable issue CVE-2021-36222 allows remote attackers to cause a NULL pointer dereference and daemon crash CVE-2021-37750 NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field DSA 5286-1 remote code execution ##### Work item tracking - Microsoft ADO **(number only)**: 26577929 #### How I did it Upgrade the krb5 version to 1.18.3-6+deb11u14+fips.
This commit is contained in:
parent
88f80fbe08
commit
235cf3e661
@ -1,13 +1,13 @@
|
|||||||
# fips packages
|
# fips packages
|
||||||
|
|
||||||
FIPS_VERSION = 0.9
|
FIPS_VERSION = 0.10
|
||||||
FIPS_OPENSSL_VERSION = 1.1.1n-0+deb11u5+fips
|
FIPS_OPENSSL_VERSION = 1.1.1n-0+deb11u5+fips
|
||||||
FIPS_OPENSSH_VERSION = 8.4p1-5+deb11u2+fips
|
FIPS_OPENSSH_VERSION = 8.4p1-5+deb11u2+fips
|
||||||
FIPS_PYTHON_MAIN_VERSION = 3.9
|
FIPS_PYTHON_MAIN_VERSION = 3.9
|
||||||
FIPS_PYTHON_VERSION = 3.9.2-1+fips
|
FIPS_PYTHON_VERSION = 3.9.2-1+fips
|
||||||
FIPS_GOLANG_MAIN_VERSION = 1.15
|
FIPS_GOLANG_MAIN_VERSION = 1.15
|
||||||
FIPS_GOLANG_VERSION = 1.15.15-1~deb11u4+fips
|
FIPS_GOLANG_VERSION = 1.15.15-1~deb11u4+fips
|
||||||
FIPS_KRB5_VERSION = 1.18.3-6+deb11u1+fips
|
FIPS_KRB5_VERSION = 1.18.3-6+deb11u14+fips
|
||||||
FIPS_URL_PREFIX = https://sonicstorage.blob.core.windows.net/public/fips/$(BLDENV)/$(FIPS_VERSION)/$(CONFIGURED_ARCH)
|
FIPS_URL_PREFIX = https://sonicstorage.blob.core.windows.net/public/fips/$(BLDENV)/$(FIPS_VERSION)/$(CONFIGURED_ARCH)
|
||||||
|
|
||||||
SYMCRYPT_OPENSSL_NAME = symcrypt-openssl
|
SYMCRYPT_OPENSSL_NAME = symcrypt-openssl
|
||||||
|
Loading…
Reference in New Issue
Block a user