Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted frr 7.5.1-1.1+deb11u2 (source) into oldstable-proposed-updates
Date: Tue, 12 Sep 2023 17:17:28 +0000
Signed by: Aron Xu <aron@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 01 Sep 2023 12:27:31 +0800
Source: frr
Architecture: source
Version: 7.5.1-1.1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: David Lamparter <equinox-debian@diac24.net>
Changed-By: Aron Xu <aron@debian.org>
Closes: 1035829 1036062
Changes:
 frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
     Denial of service with maliciously construct BGP OPEN packet
     (Closes: #1035829).
   * CVE-2023-31490: Denial of service caused by malformed SRv6 L3
     service attribute (Closes: #1036062).
   * CVE-2023-38802: Denial of service caused by corrupted
     Tunnel Encapsulation attribute.
   * CVE-2023-41358: Denial of service while processing NLRIs with
     zero length attribute.
Checksums-Sha1:
 a7d908ce0fb2a65ba5ce72901d050902748518e2 2287 frr_7.5.1-1.1+deb11u2.dsc
 0827aedf82f6e44a3116afd2fbfb5fca74d5d479 34096 frr_7.5.1-1.1+deb11u2.debian.tar.xz
 2a84253426b6797268238724c7e6c8999e857519 8106 frr_7.5.1-1.1+deb11u2_source.buildinfo
Checksums-Sha256:
 f374798eaae32e10a1c0721181c88c07aa8d70a18c07e94d504abda8f07bbf19 2287 frr_7.5.1-1.1+deb11u2.dsc
 98a19282f795a65e2e104b5254947afd7bf0f375d115f123e27a48372b4efefa 34096 frr_7.5.1-1.1+deb11u2.debian.tar.xz
 24ec8f8682e2f23337f26180454e9c5bd2c6f4cf81726401136f0759f97ce5e5 8106 frr_7.5.1-1.1+deb11u2_source.buildinfo
Files:
 a07602544e027cade4ffab8cff96b525 2287 net optional frr_7.5.1-1.1+deb11u2.dsc
 f340cd118ef732330033d1ac49b5706f 34096 net optional frr_7.5.1-1.1+deb11u2.debian.tar.xz
 2bc53635a7e44849fc61a0669bd11f48 8106 net optional frr_7.5.1-1.1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmTxpWoACgkQO1LKKgqv
2VQIMwf9Ey4eqHd8G1ipYUDlPR11iyLuywUqTjM/02DcZuPH+jZGhE+bdi9iojyd
a7qTJ/WQ0lJ+TWhZ0UIF8qlj8cWQf96nriNpf8Fe6DZ1J1LFdnTINWcJLvgQ0iCm
Mmq0PuvUTW7KjTAZC9apaSSIPUFkEEtlUuKqQ624++NiGMZs95bD6nQzPIHCG3yA
TXCREoXwvUDEzUiiO/kh6h/S5vlheLnYI9xvetxhcMl2BVGWtsNFAlZWScGmZQ7z
IZbeeNcgrBYZy4BzHw/cNf6HtUIkvrw84C/mgKmR1lHM5+FOT9nHTQkgYr6L/oRS
yEInY3potu0i6SM8rpVW6CtJ9/xn2A==
=PuKm
-----END PGP SIGNATURE-----

News for package frr