[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3573-1] frr security update

Debian LTS Advisory DLA-3573-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Markus Koschany
September 19, 2023                            https://wiki.debian.org/LTS

Package        : frr
Version        : 7.5.1-1.1+deb10u1
CVE ID         : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 
                 CVE-2023-31490 CVE-2023-38802 CVE-2023-41358 CVE-2023-41360 
                 CVE-2023-41361 CVE-2023-41909
Debian Bug     : 1035829 1036062

Multiple security vulnerabilities were found in frr, the FRRouting suite
of internet protocols. Maliciously constructed Border Gateway Protocol
(BGP) packages or corrupted tunnel attributes may cause a denial of service
(application crash) which could be exploited by a remote attacker.

For Debian 10 buster, these problems have been fixed in version

We recommend that you upgrade your frr packages.

For the detailed security status of frr please refer to
its security tracker page at:

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: