[Git][security-tracker-team/security-tracker][master] new openbgpd issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Aug 31 08:08:05 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2f0d5838 by Moritz Muehlenhoff at 2023-08-31T09:07:39+02:00
new openbgpd issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -265,7 +265,8 @@ CVE-2023-38802 (FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a
 	- frr <unfixed>
 	NOTE: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
 CVE-2023-38283 (In OpenBGPD before 8.1, incorrect handling of BGP update data (length  ...)
-	TODO: check
+	- openbgpd 8.1-1
+	NOTE: https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig
 CVE-2023-34039 (Aria Operations for Networks contains an Authentication Bypass vulnera ...)
 	NOT-FOR-US: VMware
 CVE-2023-4586



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0d5838c400a4dd46607c38971681ad09b2d906

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0d5838c400a4dd46607c38971681ad09b2d906
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230831/bc869c85/attachment.htm>


More information about the debian-security-tracker-commits mailing list