frr mark as fixed in bullseye - frr 7.5.1-1.1+deb11u3

Tobias Frost (@tobi) Fri, 18 Oct 2024 07:36:49 -0700


Tobias Frost pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dcf1dbb4 by Tobias Frost at 2024-10-18T16:19:58+02:00
CVE-2023-41909/frr mark as fixed in bullseye - frr 7.5.1-1.1+deb11u3

Missing entry in changelog, was acutally fixed in 7.5.1-1.1+deb10u1 for buster 
and was not mentioned when uploading the same version to bullseye.

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -98364,8 +98364,9 @@ CVE-2023-41910 (An issue was discovered in lldpd before 
1.0.17. By crafting a CD
        - lldpd 1.0.17-1
        NOTE: Fixed by: 
https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b 
(1.0.17)
 CVE-2023-41909 (An issue was discovered in FRRouting FRR through 9.0. 
bgp_nlri_parse_f ...)
-       {DLA-3573-1}
+       {DLA-3573-1 DLA-3865-1}
        - frr 8.4.4-1
+       [bullseye] - frr 7.5.1-1.1+deb11u3
        NOTE: 
https://github.com/FRRouting/frr/commit/cfd04dcb3e689754a72507d086ba3b9709fc5ed8
 (frr-9.0)
        NOTE: 
https://github.com/FRRouting/frr/commit/cc1a551cb007cc8ed8b1ea0605a7ab46c16de12b
 (frr-8.5.1)
        NOTE: 
https://github.com/FRRouting/frr/commit/0a12b878082f77b67ad5d9b4782846ac738575a2
 (frr-8.4.4)


=====================================
data/DLA/list
=====================================
@@ -166,7 +166,7 @@
        {CVE-2022-31163}
        [bullseye] - ruby-tzinfo 1.2.6-1+deb11u1
 [03 Sep 2024] DLA-3865-1 frr - security update
-       {CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 
CVE-2022-26129 CVE-2022-37035 CVE-2023-38406 CVE-2023-38407 CVE-2023-46752 
CVE-2023-46753 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 CVE-2024-31949 
CVE-2024-44070}
+       {CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 
CVE-2022-26129 CVE-2022-37035 CVE-2023-38406 CVE-2023-38407 CVE-2023-41909 
CVE-2023-46752 CVE-2023-46753 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 
CVE-2024-31949 CVE-2024-44070}
        [bullseye] - frr 7.5.1-1.1+deb11u3
 [02 Sep 2024] DLA-3864-1 webkit2gtk - security update
        {CVE-2024-4558 CVE-2024-40776 CVE-2024-40779 CVE-2024-40780 
CVE-2024-40782 CVE-2024-40785 CVE-2024-40789 CVE-2024-40794}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcf1dbb461ebec1821a7d05fd1169af5c5c2725d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcf1dbb461ebec1821a7d05fd1169af5c5c2725d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] CVE-2023-41909/frr mark as fixed in bullseye - frr 7.5.1-1.1+deb11u3

Reply via email to