[ubuntu/lunar-security] frr 8.4.2-1ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Jun 5 13:49:41 UTC 2023

frr (8.4.2-1ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: denial of service via bgp_capability_llgr()
    - debian/patches/CVE-2023-31489.patch: check 7 bytes for Long-lived
      Graceful-Restart capability in bgpd/bgp_open.c.
    - CVE-2023-31489
  * SECURITY UPDATE: denial of service via bgp_attr_psid_sub()
    - debian/patches/CVE-2023-31490.patch: ensure stream received has
      enough data in bgpd/bgp_attr.c.
    - CVE-2023-31490

Date: 2023-06-02 19:00:07.855100+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list