-
frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
Denial of service with maliciously construct BGP OPEN packet
(Closes: #1035829).
* CVE-2023-31490: Denial of service caused by malformed SRv6 L3
service attribute (Closes: #1036062).
* CVE-2023-38802: Denial of service caused by corrupted
Tunnel Encapsulation attribute.
* CVE-2023-41358: Denial of service while processing NLRIs with
zero length attribute.
-- Aron Xu <email address hidden> Fri, 01 Sep 2023 12:27:31 +0800
-
frr (7.5.1-1.1+deb11u1) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2022-37032: out-of-bounds read in BGP daemon that could lead to
segmentation fault and denial of service.
-- Aron Xu <email address hidden> Fri, 24 Feb 2023 17:14:19 +0800
-
frr (7.5.1-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Backport upstream fix for compatibility with the bullseye
libyang1. (Closes: #990585)
-- Adrian Bunk <email address hidden> Sun, 11 Jul 2021 19:15:04 +0300