Format: 1.8
Date: Sat, 27 Jul 2024 02:19:29 +0200
Source: frr
Architecture: source
Version: 10.0.1-0.1
Distribution: unstable
Urgency: medium
Maintainer: David Lamparter <equinox-debian@diac24.net>
Changed-By: Daniel Baumann <daniel.baumann@progress-linux.org>
Closes: 1070377 1072125 1072126
Changes:
 frr (10.0.1-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release:
     - an attacker using a malformed Prefix SID attribute in a BGP UPDATE
       packet can cause the bgpd daemon to crash [CVE-2024-31948]
       (Closes: #1072126)
     - an infinite loop can occur when receiving a MP/GR capability as a
       dynamic capability because malformed data results in a pointer not
       advancing [CVE-2024-31949] (Closes: #1072125)
     - there can be a buffer overflow and daemon crash in ospf_te_parse_ri
       for OSPF LSA packets during an attempt to read Segment Routing
       subTLVs (their size is not validated) [CVE-2024-31950]
       (Closes: #1070377)
     - there can be a buffer overflow and daemon crash in
       ospf_te_parse_ext_link for OSPF LSA packets during an attempt to
       read Segment Routing Adjacency SID subTLVs (lengths are not
       validated) [CVE-2024-31951] (Closes: #1070377)
     - ospf_te_parse_te in ospfd/ospf_te.c allows remote attackers to cause
       a denial of service (ospfd daemon crash) via a malformed OSPF LSA
       packet, because of an attempted access to a missing attribute field
       [CVE-2024-27913]
     - it is possible for the get_edge() function in ospf_te.c in the OSPF
       daemon to return a NULL pointer. In cases where calling functions do
       not handle the returned NULL value, the OSPF daemon crashes, leading
       to denial of service [CVE-2024-34088] (Closes: #1070377)