[ubuntu/oracular-proposed] frr 10.0.1-0.1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Sep 10 13:04:14 UTC 2024 

frr (10.0.1-0.1ubuntu2) oracular; urgency=medium

  * SECURITY UPDATE: BGP overflow via TLV value
    - debian/patches/CVE-2024-44070.patch: check the actual remaining
      stream length before taking TLV value in bgpd/bgp_attr.c.
    - CVE-2024-44070

Date: Tue, 10 Sep 2024 07:35:31 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/frr/10.0.1-0.1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Tue, 10 Sep 2024 07:35:31 -0400
Source: frr
Built-For-Profiles: noudeb
Architecture: source
Version: 10.0.1-0.1ubuntu2
Distribution: oracular
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 frr (10.0.1-0.1ubuntu2) oracular; urgency=medium
 .
   * SECURITY UPDATE: BGP overflow via TLV value
     - debian/patches/CVE-2024-44070.patch: check the actual remaining
       stream length before taking TLV value in bgpd/bgp_attr.c.
     - CVE-2024-44070
Checksums-Sha1:
 bea815dfcae33d60ac775df2e9218d7fcc60d233 2852 frr_10.0.1-0.1ubuntu2.dsc
 0a8e1dab1cb5c1f6d58aff2e47fa49ac6da8da7c 35800 frr_10.0.1-0.1ubuntu2.debian.tar.xz
 c93ce14cb802b660198a3c6770ca82dd44b5889e 10310 frr_10.0.1-0.1ubuntu2_source.buildinfo
Checksums-Sha256:
 5c178b70e2e9b09c2862fad821fe581f8db48288464d0aee2943e6a30ca5db2d 2852 frr_10.0.1-0.1ubuntu2.dsc
 c2901afd63fb91e64fe39a6a27a08c1b31a1771fe57adbf81b396a11a94a8f00 35800 frr_10.0.1-0.1ubuntu2.debian.tar.xz
 886846fab0d2e8c2757a1fb48499942e9a6eac51716a6d94333d6bf27d1b6a67 10310 frr_10.0.1-0.1ubuntu2_source.buildinfo
Files:
 68b5071cc07522e03d52303157cf7be7 2852 net optional frr_10.0.1-0.1ubuntu2.dsc
 9053f277f74aba5917ebb784a27f99bb 35800 net optional frr_10.0.1-0.1ubuntu2.debian.tar.xz
 6af5a7d434879a343ec25621f1bc609c 10310 net optional frr_10.0.1-0.1ubuntu2_source.buildinfo
Original-Maintainer: David Lamparter <equinox-debian at diac24.net>

More information about the oracular-changes mailing list