Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fc98b78d by Ola Lundqvist at 2023-04-18T23:43:31+02:00
Concluded that frr package does not need an update for buster. The
vilnerability at hand is clearly less problematic than many other open
vulnerabilities to this package. Remote code execution + DoS is more
problematic than just a DoS problem.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -62398,6 +62398,7 @@ CVE-2022-36441 (An issue was discovered in Zebra
Enterprise Home Screen 4.1.19.
NOT-FOR-US: Zebra Enterprise Home Screen
CVE-2022-36440 (A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in
the pee ...)
- frr 8.4.1-1
+ [buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13202
NOTE:
https://github.com/FRRouting/frrcommit/3e46b43e3788f0f87bae56a86b54d412b4710286
(base_8.4)
NOTE: https://github.com/spwpun/pocs/blob/main/frr-bgpd.md
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc98b78db2d300ba05645898550ba0e185d59db8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc98b78db2d300ba05645898550ba0e185d59db8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
