[Git][security-tracker-team/security-tracker][master] Track fixed version for frr issues fixed via unstable upload

2024-07-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc8373e9 by Salvatore Bonaccorso at 2024-07-27T07:52:26+02:00
Track fixed version for frr issues fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -27561,7 +27561,7 @@ CVE-2024-3411 (Implementations of IPMI Authenticated 
sessions does not provide e
 CVE-2024-3072 (The ACF Front End Editor plugin for WordPress is vulnerable to 
unautho ...)
NOT-FOR-US: WordPress plugin
 CVE-2024-34088 (In FRRouting (FRR) through 9.1, it is possible for the 
get_edge() func ...)
-   - frr  (bug #1070377)
+   - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr  (Vulnerable code introduced later)
[buster] - frr  (Vulnerable code introduced later)
NOTE: https://github.com/FRRouting/frr/pull/15674
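Review bot: in the CVE-2024-34088 entry the older-suite reason reads "Vulnerable code introduced later" and the pull request is linked as https://github.com/FRRouting/frr/pull/15674, while the CVE-2024-31951 and CVE-2024-31950 entries, which point at the same pull request, use "Vulnerable code not present" and write the URL with a trailing slash. Since this entry is being touched anyway, consider aligning the wording and the URL form across the three entries so that a search of the file for the pull request matches all of them.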
@@ -34498,7 +34498,7 @@ CVE-2024-3431 (A vulnerability was found in EyouCMS 
1.6.5. It has been declared
 CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It 
has been ...)
NOT-FOR-US: QKSMS
 CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) 
through 9.1, ...)
-   - frr  (bug #1070377)
+   - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr  (Vulnerable code not present)
[buster] - frr  (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -34508,7 +34508,7 @@ CVE-2024-31951 (In the Opaque LSA Extended Link parser 
in FRRouting (FRR) throug
NOTE: 
https://github.com/FRRouting/frr/commit/e08495a4a8ad4d2050691d9e5e13662d2635b2e0
NOTE: vulnerable feature introduced in 
https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5
 (first shipped with 8.0)
 CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow 
and dae ...)
-   - frr  (bug #1070377)
+   - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr  (Vulnerable code not present)
[buster] - frr  (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -34519,12 +34519,12 @@ CVE-2024-31950 (In FRRouting (FRR) through 9.1, there 
can be a buffer overflow a
NOTE: vulnerable feature introduced in 
https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5
 (first shipped with 8.0)
 CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur 
when receiv ...)
{DLA-3797-1}
-   - frr  (bug #1072125)
+   - frr 10.0.1-0.1 (bug #1072125)
NOTE: https://github.com/FRRouting/frr/pull/15640
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/30a332dad86fafd2b0b6c61d23de59ed969a219b
 CVE-2024-31948 (In FRRouting (FRR) through 9.1, an attacker using a malformed 
Prefix S ...)
{DLA-3797-1}
-   - frr  (bug #1072126)
+   - frr 10.0.1-0.1 (bug #1072126)
NOTE: https://github.com/FRRouting/frr/pull/15628
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07
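Review bot: 10.0.1-0.1 is entered here against bugs #1072125 and #1072126, and against #1070377 in the three hunks above, but the commit message only says "fixed via unstable upload" without naming the upload. Suggest naming the version in the commit message and confirming that the upload's changelog closes all three bugs, since the tracker will treat all five CVEs as resolved in unstable from this version on.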



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc8373e9edbc62f572cd2751bb3c3335fef6cd96



___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Track fixed version for frr issues

2024-03-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d3b02e17 by Salvatore Bonaccorso at 2024-03-09T08:16:52+01:00
Track fixed version for frr issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3068,7 +3068,7 @@ CVE-2023-51786 (An issue was discovered in Lustre 
versions 2.13.x, 2.14.x, and 2
- lustre 
NOTE: 
http://lists.lustre.org/pipermail/lustre-announce-lustre.org/2024/000270.html
 CVE-2024-27913 (ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 
9.1 all ...)
-   - frr  (bug #1065144)
+   - frr 9.1-0.1 (bug #1065144)
NOTE: https://github.com/FRRouting/frr/pull/15431
NOTE: stable/9.0: 
https://github.com/FRRouting/frr/commit/aae54e20498974cb026bd0e2649ca3e753090492
 (
 CVE-2024-26542 (Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. 
and fixe ...)
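Review bot: the CVE-2024-27913 description says the flaw affects FRR "through 9.1", yet the fixed version entered is 9.1-0.1, so the fix cannot come from the upstream 9.1 release itself and has to be a patch carried in that package revision. The only fix reference visible in this hunk is the stable/9.0 commit; a NOTE stating that 9.1-0.1 ships the patch from https://github.com/FRRouting/frr/pull/15431 would make the version verifiable from the file alone.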
@@ -24991,7 +24991,7 @@ CVE-2023-46802 (e-Tax software Version3.0.10 and 
earlier improperly restricts XM
 CVE-2023-40207 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
NOT-FOR-US: WordPress plugin
 CVE-2023-38407 (bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to 
read beyond ...)
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
NOTE: https://github.com/FRRouting/frr/pull/12951
NOTE: 
https://github.com/FRRouting/frr/commit/7404a914b0cafe046703c8381903a80d3def8f8b
 (base_9.0)
NOTE: https://github.com/FRRouting/frr/pull/12956
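Review bot: CVE-2023-38407 is described as affecting FRR "before 8.5", but the fixed version recorded is 9.1-0.1. That is correct only if no upload based on 8.5 or 9.0 reached unstable before 9.1-0.1; if one did, the first such version should be entered here, because the other suites are compared against this value.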
@@ -25064,10 +25064,10 @@ CVE-2023-47272 (Roundcube 1.5.x before 1.5.6 and 
1.6.x before 1.6.5 allows XSS v
- roundcube 1.6.5+dfsg-1 (bug #1055421)
NOTE: 
https://github.com/roundcube/roundcubemail/commit/81ac3c342a4f288deb275590895b52ec3785cf8a
 (1.6.5)
 CVE-2023-47235 (An issue was discovered in FRRouting FRR through 9.0.1. A 
crash can oc ...)
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
NOTE: 
https://github.com/FRRouting/frr/commit/6814f2e0138a6ea5e1f83bdd9085d9a7700b
 CVE-2023-47234 (An issue was discovered in FRRouting FRR through 9.0.1. A 
crash can oc ...)
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
NOTE: 
https://github.com/FRRouting/frr/commit/c37119df45bbf4ef713bc10475af2ee06e12f3bf
 CVE-2023-47233 (The brcm80211 component in the Linux kernel through 6.5.10 has 
a brcmf ...)
- linux 
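Review bot: the NOTE under CVE-2023-47235 carries a commit id of 36 hex digits (6814f2e0138a6ea5e1f83bdd9085d9a7700b) where the CVE-2023-47234 NOTE below it has the full 40. If the id is short in data/CVE/list itself, replace it with the full hash so the link resolves unambiguously, and consider giving both NOTEs the "Fixed by:" prefix that the other frr entries in this commit use.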
@@ -26446,11 +26446,11 @@ CVE-2023-5139 (Potential buffer overflow 
vulnerability at the following location
 CVE-2023-46754 (The admin panel for Obl.ong before 1.1.2 allows authorization 
bypass b ...)
NOT-FOR-US: admin panel for Obl.ong
 CVE-2023-46753 (An issue was discovered in FRRouting FRR through 9.0.1. A 
crash can oc ...)
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/d8482bf011cb2b173e85b65b4bf3d5061250cdb9
 (master)
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/21418d64af11553c402f932b0311c812d98ac3e4
 (stable/8.5 branch)
 CVE-2023-46752 (An issue was discovered in FRRouting FRR through 9.0.1. It 
mishandles  ...)
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35
 (master)
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/30b5c2a434d25981e16792f6f50162beb517ae4d
 (stable/8.5 branch)
 CVE-2023-46668 (If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a 
non-defa ...)
@@ -36327,7 +36327,7 @@ CVE-2023-41363 (In Cerebrate 1.14, a vulnerability in 
UserSettingsController all
NOT-FOR-US: Cerebrate
 CVE-2023-41361 (An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c 
does not ...)
{DLA-3573-1}
-   - frr  (bug #1055852)
+   - frr 9.1-0.1 (bug #1055852)
[bullseye] - frr  (The vulnerable code was introduced 
later)
NOTE: https://github.com/FRRouting/frr/pull/14241
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/b4d09af9194d20a7f9f16995a062f5d8e3d32840
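Review bot: the CVE-2023-41361 entry carries the {DLA-3573-1} cross-reference next to "[bullseye] - frr (The vulnerable code was introduced later)", and the description names FRR 9.0 only. If DLA-3573-1 was issued for a suite older than bullseye, these two annotations contradict each other; while the entry is being edited, check whether the DLA reference or the bullseye reason needs adjusting, or add a NOTE explaining why both hold.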
@@ -41494,7 +41494,7 @@ CVE-2023-3750 (A flaw was found in libvirt. The 
virStoragePoolObjListSearch func
NOTE: Introduced with: 
https://gitlab.com/libvirt/libvirt/-/commit/0c4b391e2a90c3e0f8a8721cb539e03f14eb1d5e
 (v8.3.0-rc1)
NOTE: Fixed by: 
https://gitlab.com/libvirt/libvirt/-/commit/9a47442366fcf8a7b6d7422016d7bbb6764a1098
 (v9.6.0-rc1)
 CVE-2023-3748 (A flaw was found in FRRouting when parsing certain babeld 
unicast hell ...)
-   - frr  (bug #1042473)
+   - frr 9.1-0.1 (bug #1042473)
[bullseye] - frr  (The vulnerable code was introduced 
later)
[buster] - frr  (The vulnerable code was introduced later)
NOTE: https://github.com/FRRouting/frr/issues/11808



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/secu

[Git][security-tracker-team/security-tracker][master] Track fixed version for frr issues via unstable

2023-01-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
51044bc6 by Salvatore Bonaccorso at 2023-01-04T06:57:55+01:00
Track fixed version for frr issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -35595,7 +35595,7 @@ CVE-2022-37037
 CVE-2022-37036
RESERVED
 CVE-2022-37035 (An issue was discovered in bgpd in FRRouting (FRR) 8.3. In 
bgp_notify_ ...)
-   - frr  (bug #1016978)
+   - frr 8.4.1-1 (bug #1016978)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/11698
@@ -35605,7 +35605,7 @@ CVE-2022-37033
RESERVED
 CVE-2022-37032 (An out-of-bounds read in the BGP daemon of FRRouting FRR 
before 8.4 ma ...)
{DLA-3211-1}
-   - frr  (bug #1021016)
+   - frr 8.4.1-1 (bug #1021016)
NOTE: Fixed by: 
https://github.com/FRRouting/frr/commit/ff6db1027f8f36df657ff2e5ea167773752537ed
 CVE-2022-37031
RESERVED
@@ -66697,27 +66697,27 @@ CVE-2020-36516 (An issue was discovered in the Linux 
kernel through 5.16.11. The
- linux 
NOTE: https://dl.acm.org/doi/10.1145/3372297.3417884
 CVE-2022-26129 (Buffer overflow vulnerabilities exist in FRRouting through 
8.1.0 due t ...)
-   - frr  (bug #1008010)
+   - frr 8.4.1-1 (bug #1008010)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/10503
 CVE-2022-26128 (A buffer overflow vulnerability exists in FRRouting through 
8.1.0 due  ...)
-   - frr  (bug #1008010)
+   - frr 8.4.1-1 (bug #1008010)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/10502
 CVE-2022-26127 (A buffer overflow vulnerability exists in FRRouting through 
8.1.0 due  ...)
-   - frr  (bug #1008010)
+   - frr 8.4.1-1 (bug #1008010)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/10487
 CVE-2022-26126 (Buffer overflow vulnerabilities exist in FRRouting through 
8.1.0 due t ...)
-   - frr  (bug #1008010)
+   - frr 8.4.1-1 (bug #1008010)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/10505
 CVE-2022-26125 (Buffer overflow vulnerabilities exist in FRRouting through 
8.1.0 due t ...)
-   - frr  (bug #1008010)
+   - frr 8.4.1-1 (bug #1008010)
[bullseye] - frr  (Minor issue)
[buster] - frr  (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/10507
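Review bot: the CVE-2022-26129 to CVE-2022-26126 entries, shown in full in this hunk, record 8.4.1-1 as fixed but reference only upstream issue reports (issues/10503, 10502, 10487 and 10505), and the visible part of CVE-2022-26125 follows the same pattern; none has a "Fixed by:" commit NOTE like the CVE-2022-37032 entry earlier in this commit. Adding the fixing commits would let the version be checked against upstream history, and is what anyone backporting to bullseye or buster, both left at "Minor issue", would need.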



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51044bc682962b4d1adf5032b0707c8a612e4816
