diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-05 09:55:47 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-05 09:55:47 +0000 |
commit | e4cbc60200aba79ffca780f4d24618629e3be9cc (patch) | |
tree | ad4bb7b0853404310c7abfec3ab03b239f663fb2 /debian/changelog | |
parent | Merging upstream version 10.0.1. (diff) | |
download | frr-e4cbc60200aba79ffca780f4d24618629e3be9cc.tar.xz frr-e4cbc60200aba79ffca780f4d24618629e3be9cc.zip |
Adding debian version 10.0.1-0.1.debian/10.0.1-0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 00ce448..f0c94d9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,31 @@ +frr (10.0.1-0.1) unstable; urgency=medium + + * Non-maintainer upload. + * New upstream release: + - an attacker using a malformed Prefix SID attribute in a BGP UPDATE + packet can cause the bgpd daemon to crash [CVE-2024-31948] + (Closes: #1072126) + - an infinite loop can occur when receiving a MP/GR capability as a + dynamic capability because malformed data results in a pointer not + advancing [CVE-2024-31949] (Closes: #1072125) + - there can be a buffer overflow and daemon crash in ospf_te_parse_ri for + OSPF LSA packets during an attempt to read Segment Routing subTLVs (their + size is not validated) [CVE-2024-31950] (Closes: #1070377) + - there can be a buffer overflow and daemon crash in + ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read + Segment Routing Adjacency SID subTLVs (lengths are not validated) + [CVE-2024-31951 (Closes: #1070377) + - ospf_te_parse_te in ospfd/ospf_te.c allows remote attackers to cause a + denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, + because of an attempted access to a missing attribute field + [CVE-2024-27913] + - it is possible for the get_edge() function in ospf_te.c in the OSPF + daemon to return a NULL pointer. In cases where calling functions do not + handle the returned NULL value, the OSPF daemon crashes, leading to denial + of service [CVE-2024-34088] (Closes: #1070377) + + -- Daniel Baumann <daniel.baumann@progress-linux.org> Sat, 27 Jul 2024 02:19:29 +0200 + frr (10.0-2) unstable; urgency=medium * fix build on hppa |