Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security] Fix krb5 CVE-2024-37370 #19577

Merged
merged 1 commit into from
Jul 17, 2024

Conversation

xumia
Copy link
Collaborator

@xumia xumia commented Jul 15, 2024

Why I did it

[Security] Fix krb5 CVE-2024-37370

Work item tracking
  • Microsoft ADO (number only): 28432951

How I did it

Upgrade krb5 to version 1.18.3-6+deb11u5+fips

How to verify it

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211
  • 202305

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@xumia
Copy link
Collaborator Author

xumia commented Jul 17, 2024

/azpw ms_conflict

1 similar comment
@xumia
Copy link
Collaborator Author

xumia commented Jul 17, 2024

/azpw ms_conflict

Copy link
Contributor

@StormLiangMS StormLiangMS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@StormLiangMS StormLiangMS merged commit 14eb4ca into sonic-net:master Jul 17, 2024
22 checks passed
arun1355492 pushed a commit to arun1355492/sonic-buildimage that referenced this pull request Jul 26, 2024
Why I did it
[Security] Fix krb5 CVE-2024-37370

Work item tracking
Microsoft ADO (number only): 28432951
How I did it
Upgrade krb5 to version 1.18.3-6+deb11u5+fips
liushilongbuaa pushed a commit to liushilongbuaa/sonic-buildimage that referenced this pull request Aug 1, 2024
Why I did it
[Security] Fix krb5 CVE-2024-37370

Work item tracking
Microsoft ADO (number only): 28432951
How I did it
Upgrade krb5 to version 1.18.3-6+deb11u5+fips
@yxieca
Copy link
Contributor

yxieca commented Aug 2, 2024

@xumia can you help create PR for 202311 and 202405 branch?

@xumia
Copy link
Collaborator Author

xumia commented Aug 12, 2024

@xumia can you help create PR for 202311 and 202405 branch?

For 202311, fix the conflict issue #19880
For 202405, no conflict, @yxieca , please help approve the 202405 request, thanks.

yxieca pushed a commit that referenced this pull request Aug 12, 2024
Why I did it
Cherry-pick from #19577
[Security] Fix krb5 CVE-2024-37370

How I did it
Upgrade krb5 to version 1.18.3-6+deb11u5+fips
@yxieca
Copy link
Contributor

yxieca commented Aug 12, 2024

@bingwang-ms to take it to 202405.

mssonicbld pushed a commit to mssonicbld/sonic-buildimage that referenced this pull request Aug 23, 2024
Why I did it
[Security] Fix krb5 CVE-2024-37370

Work item tracking
Microsoft ADO (number only): 28432951
How I did it
Upgrade krb5 to version 1.18.3-6+deb11u5+fips
@mssonicbld
Copy link
Collaborator

Cherry-pick PR to 202405: #20007

mssonicbld pushed a commit that referenced this pull request Sep 7, 2024
Why I did it
[Security] Fix krb5 CVE-2024-37370

Work item tracking
Microsoft ADO (number only): 28432951
How I did it
Upgrade krb5 to version 1.18.3-6+deb11u5+fips
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants