Merge pull request #1566 from flatcar/krnowak/weekly-fixes

Changelog and accept keywords fixes
flatcar · Jan 12, 2024 · 0f5ffaa · 0f5ffaa
2 parents 8be6770 + 1c34cfb
commit 0f5ffaa
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 6 deletions.
diff --git a/changelog/security/2024-01-05-openssh-update.md b/changelog/security/2024-01-05-openssh-update.md
@@ -1 +1 @@
-- openssh ([CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795))
+- openssh ([CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795), [CVE-2023-51384](https://nvd.nist.gov/vuln/detail/CVE-2023-51384), [CVE-2023-51385](https://nvd.nist.gov/vuln/detail/CVE-2023-51385))
diff --git a/changelog/security/2024-01-05-weekly-updates.md b/changelog/security/2024-01-05-weekly-updates.md
@@ -5,4 +5,3 @@
 - gnutls ([CVE-2023-5981](https://nvd.nist.gov/vuln/detail/CVE-2023-5981))
 - curl ([CVE-2023-46218](https://nvd.nist.gov/vuln/detail/CVE-2023-46218), [CVE-2023-46219](https://nvd.nist.gov/vuln/detail/CVE-2023-46219))
 - binutils ([CVE-2023-1972](https://nvd.nist.gov/vuln/detail/CVE-2023-1972))
-- zlib ([CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853))
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
@@ -24,15 +24,12 @@
 # Needed by arm64-native SDK.
 =app-emulation/open-vmdk-1.0 *
 
-# Needed for addressing CVE-2023-50246 and CVE-2023-50268.
+# Needed for addressing CVE-2023-50246, CVE-2023-50268
 =app-misc/jq-1.7.1 ~amd64 ~arm64
 
 # Keep versions on both arches in sync.
 =app-misc/pax-utils-1.3.7 ~amd64
 
-# Needed for addressing CVE-2023-50246, CVE-2023-50268
-=app-misc/jq-1.7.1 ~amd64 ~arm64
-
 # Required for addressing CVE-2022-3715.
 =app-shells/bash-5.2_p21-r1 ~amd64 ~arm64