Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security] Upgrade the OpenSSL/OpenSSH to fix CVE alerts (sonic-net#1…
…6902) ### Why I did it [Security] Upgrade the OpenSSL/OpenSSH to fix CVE alerts Upgrade OpenSSL to 1.1.1n-0+deb11u5 Fix CVEs: CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy CVE-2023-0465 (Invalid certificate policies in leaf certificates are CVE-2023-0466 (Certificate policy check not enabled). CVE-2022-4304 (Timing Oracle in RSA Decryption). CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers). Upgrade OpenSSH to 8.4p1-5+deb11u2 Fix CVEs: CVE-2023-38408 (Lacks SSH agent restriction) ##### Work item tracking - Microsoft ADO **(number only)**: 25506776 #### How I did it Upgrade the OpenSSL/OpenSSH package version and fix the UT failure. #### How to verify it Verified by UTs with and without FIPS enabled.
- Loading branch information