[Git][security-tracker-team/security-tracker][master] Reference backports for CVE-2023-38802

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
178d6c2d by Salvatore Bonaccorso at 2023-09-01T19:32:56+02:00
Reference backports for CVE-2023-38802

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -528,7 +528,9 @@ CVE-2023-38802 (FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a
 	- frr <unfixed>
 	NOTE: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
 	NOTE: https://github.com/FRRouting/frr/pull/14290
-	NOTE: https://github.com/FRRouting/frr/pull/14290/commits/bcb6b58d9530173df41d3a3cbc4c600ee0b4b186
+	NOTE: https://github.com/FRRouting/frr/commit/bcb6b58d9530173df41d3a3cbc4c600ee0b4b186
+	NOTE: Backport for stable/8.4: https://github.com/FRRouting/frr/pull/14295
+	NOTE: https://github.com/FRRouting/frr/commit/46817adab03802355c3cce7b753c7a735bdcc5ae
 CVE-2023-38283 (In OpenBGPD before 8.1, incorrect handling of BGP update data (length  ...)
 	- openbgpd 8.1-1
 	NOTE: https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/178d6c2d3cfcd7c97b4fa70e1caf1dbd8b667af6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/178d6c2d3cfcd7c97b4fa70e1caf1dbd8b667af6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230901/b1f4b909/attachment-0001.htm>