[Security] Upgrade the OpenSSL/OpenSSH to fix CVE alerts (#16902)
### Why I did it [Security] Upgrade the OpenSSL/OpenSSH to fix CVE alerts Upgrade OpenSSL to 1.1.1n-0+deb11u5 Fix CVEs: CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy CVE-2023-0465 (Invalid certificate policies in leaf certificates are CVE-2023-0466 (Certificate policy check not enabled). CVE-2022-4304 (Timing Oracle in RSA Decryption). CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers). Upgrade OpenSSH to 8.4p1-5+deb11u2 Fix CVEs: CVE-2023-38408 (Lacks SSH agent restriction) ##### Work item tracking - Microsoft ADO **(number only)**: 25506776 #### How I did it Upgrade the OpenSSL/OpenSSH package version and fix the UT failure. #### How to verify it Verified by UTs with and without FIPS enabled.
This commit is contained in:
parent
6410e66f35
commit
5f224327a9
@ -1,8 +1,8 @@
|
||||
# fips packages
|
||||
|
||||
FIPS_VERSION = 0.8
|
||||
FIPS_OPENSSL_VERSION = 1.1.1n-0+deb11u4+fips
|
||||
FIPS_OPENSSH_VERSION = 8.4p1-5+deb11u1+fips
|
||||
FIPS_VERSION = 0.9
|
||||
FIPS_OPENSSL_VERSION = 1.1.1n-0+deb11u5+fips
|
||||
FIPS_OPENSSH_VERSION = 8.4p1-5+deb11u2+fips
|
||||
FIPS_PYTHON_MAIN_VERSION = 3.9
|
||||
FIPS_PYTHON_VERSION = 3.9.2-1+fips
|
||||
FIPS_GOLANG_MAIN_VERSION = 1.15
|
||||
|
Loading…
Reference in New Issue
Block a user