efs-utils/2.3.3-r0: cve remediation

efs-utils.yaml

@@ -1,7 +1,7 @@
 package:
   name: efs-utils
   version: "2.3.3"
-  epoch: 0
+  epoch: 1 # GHSA-qx2v-8332-m4fv
   description: Utilities for Amazon Elastic File System (EFS)
   copyright:
     - license: MIT
@@ -43,7 +43,7 @@ pipeline:
 
   - uses: patch
     with:
-      patches: GHSA-857q-xmph-p2v5.patch
+      patches: cve-patches.patch
 
   - runs: |
       # This looks a little funny, but it aims to be easier to maintain, so we just
@@ -111,7 +111,7 @@ subpackages:
         pipeline:
           - uses: patch
             with:
-              patches: ../GHSA-857q-xmph-p2v5.patch
+              patches: ../cve-patches.patch
           - runs: |
               # This looks a little funny, but it aims to be easier to maintain, so we just
               # copy from the upstream `build-deb.sh` script the bits we need.

efs-utils/cve-patches.patch

@@ -0,0 +1,33 @@
+From 1553b07a5acf8584b7fda3efacdaa780dcb3ee20 Mon Sep 17 00:00:00 2001
+From: David Negreira <[email protected]>
+Date: Thu, 14 Aug 2025 09:35:16 +0000
+Subject: [PATCH] fix GHSA-857q-xmph-p2v5, GHSA-52xf-5p2m-9wrv,
+ GHSA-qx2v-8332-m4fv
+
+---
+ src/proxy/Cargo.toml | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/proxy/Cargo.toml b/src/proxy/Cargo.toml
+index 24ecbab..9dde427 100644
+--- a/src/proxy/Cargo.toml
++++ b/src/proxy/Cargo.toml
+@@ -20,11 +20,12 @@ log4rs = { version = "1.2.0", features = ["rolling_file_appender", "compound_pol
+ nix = { version = "0.26.2", features = ["signal"]}
+ onc-rpc = "0.2.3"
+ rand = "0.8.5"
+-s2n-tls = "0.0"
+-s2n-tls-tokio = "0.0"
+-s2n-tls-sys = "0.0"
++s2n-tls = "0.3.0"
++s2n-tls-tokio = "0.3.0"
++s2n-tls-sys = "0.3.0"
+ serde = {version="1.0.175",features=["derive"]}
+ serde_ini = "0.2.0"
++slab = "0.4.11"
+ thiserror = "1.0.44"
+ tokio = { version = "1.29.0, <1.39", features = ["full"] }
+ tokio-util = "0.7.8"
+-- 
+2.47.2
+