------------------------------------------------------------------------- Debian LTS Advisory DLA-3573-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Markus Koschany September 19, 2023 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : frr Version : 7.5.1-1.1+deb10u1 CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-38802 CVE-2023-41358 CVE-2023-41360 CVE-2023-41361 CVE-2023-41909 Debian Bug : 1035829 1036062 Multiple security vulnerabilities were found in frr, the FRRouting suite of internet protocols. Maliciously constructed Border Gateway Protocol (BGP) packages or corrupted tunnel attributes may cause a denial of service (application crash) which could be exploited by a remote attacker. For Debian 10 buster, these problems have been fixed in version 7.5.1-1.1+deb10u1. We recommend that you upgrade your frr packages. For the detailed security status of frr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/frr Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: This is a digitally signed message part