-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 27 Jul 2024 02:19:29 +0200
Source: frr
Architecture: source
Version: 10.0.1-0.1
Distribution: unstable
Urgency: medium
Maintainer: David Lamparter <equinox-debian@diac24.net>
Changed-By: Daniel Baumann <daniel.baumann@progress-linux.org>
Closes: 1070377 1072125 1072126
Changes:
 frr (10.0.1-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release:
     - an attacker using a malformed Prefix SID attribute in a BGP UPDATE
       packet can cause the bgpd daemon to crash [CVE-2024-31948]
       (Closes: #1072126)
     - an infinite loop can occur when receiving a MP/GR capability as a
       dynamic capability because malformed data results in a pointer not
       advancing [CVE-2024-31949] (Closes: #1072125)
     - there can be a buffer overflow and daemon crash in ospf_te_parse_ri for
       OSPF LSA packets during an attempt to read Segment Routing subTLVs (their
       size is not validated) [CVE-2024-31950] (Closes: #1070377)
     - there can be a buffer overflow and daemon crash in
       ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read
       Segment Routing Adjacency SID subTLVs (lengths are not validated)
       [CVE-2024-31951] (Closes: #1070377)
     - ospf_te_parse_te in ospfd/ospf_te.c allows remote attackers to cause a
       denial of service (ospfd daemon crash) via a malformed OSPF LSA packet,
       because of an attempted access to a missing attribute field
       [CVE-2024-27913]
     - it is possible for the get_edge() function in ospf_te.c in the OSPF
       daemon to return a NULL pointer. In cases where calling functions do not
       handle the returned NULL value, the OSPF daemon crashes, leading to denial
       of service [CVE-2024-34088] (Closes: #1070377)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----