summaryrefslogtreecommitdiffstats
path: root/debian/changelog
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-05 09:55:47 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-05 09:55:47 +0000
commite4cbc60200aba79ffca780f4d24618629e3be9cc (patch)
treead4bb7b0853404310c7abfec3ab03b239f663fb2 /debian/changelog
parentMerging upstream version 10.0.1. (diff)
downloadfrr-e4cbc60200aba79ffca780f4d24618629e3be9cc.tar.xz
frr-e4cbc60200aba79ffca780f4d24618629e3be9cc.zip
Adding debian version 10.0.1-0.1.debian/10.0.1-0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog28
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 00ce448..f0c94d9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,31 @@
+frr (10.0.1-0.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * New upstream release:
+ - an attacker using a malformed Prefix SID attribute in a BGP UPDATE
+ packet can cause the bgpd daemon to crash [CVE-2024-31948]
+ (Closes: #1072126)
+ - an infinite loop can occur when receiving a MP/GR capability as a
+ dynamic capability because malformed data results in a pointer not
+ advancing [CVE-2024-31949] (Closes: #1072125)
+ - there can be a buffer overflow and daemon crash in ospf_te_parse_ri for
+ OSPF LSA packets during an attempt to read Segment Routing subTLVs (their
+ size is not validated) [CVE-2024-31950] (Closes: #1070377)
+ - there can be a buffer overflow and daemon crash in
+ ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read
+ Segment Routing Adjacency SID subTLVs (lengths are not validated)
+ [CVE-2024-31951 (Closes: #1070377)
+ - ospf_te_parse_te in ospfd/ospf_te.c allows remote attackers to cause a
+ denial of service (ospfd daemon crash) via a malformed OSPF LSA packet,
+ because of an attempted access to a missing attribute field
+ [CVE-2024-27913]
+ - it is possible for the get_edge() function in ospf_te.c in the OSPF
+ daemon to return a NULL pointer. In cases where calling functions do not
+ handle the returned NULL value, the OSPF daemon crashes, leading to denial
+ of service [CVE-2024-34088] (Closes: #1070377)
+
+ -- Daniel Baumann <daniel.baumann@progress-linux.org> Sat, 27 Jul 2024 02:19:29 +0200
+
frr (10.0-2) unstable; urgency=medium
* fix build on hppa