[Git][security-tracker-team/security-tracker][master] Track fixed version for frr issues fixed via unstable upload
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 27 06:53:29 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc8373e9 by Salvatore Bonaccorso at 2024-07-27T07:52:26+02:00
Track fixed version for frr issues fixed via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27561,7 +27561,7 @@ CVE-2024-3411 (Implementations of IPMI Authenticated sessions does not provide e
CVE-2024-3072 (The ACF Front End Editor plugin for WordPress is vulnerable to unautho ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34088 (In FRRouting (FRR) through 9.1, it is possible for the get_edge() func ...)
- - frr <unfixed> (bug #1070377)
+ - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr <not-affected> (Vulnerable code introduced later)
[buster] - frr <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/FRRouting/frr/pull/15674
@@ -34498,7 +34498,7 @@ CVE-2024-3431 (A vulnerability was found in EyouCMS 1.6.5. It has been declared
CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been ...)
NOT-FOR-US: QKSMS
CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, ...)
- - frr <unfixed> (bug #1070377)
+ - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr <not-affected> (Vulnerable code not present)
[buster] - frr <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -34508,7 +34508,7 @@ CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) throug
NOTE: https://github.com/FRRouting/frr/commit/e08495a4a8ad4d2050691d9e5e13662d2635b2e0
NOTE: vulnerable feature introduced in https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5 (first shipped with 8.0)
CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow and dae ...)
- - frr <unfixed> (bug #1070377)
+ - frr 10.0.1-0.1 (bug #1070377)
[bullseye] - frr <not-affected> (Vulnerable code not present)
[buster] - frr <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -34519,12 +34519,12 @@ CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow a
NOTE: vulnerable feature introduced in https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5 (first shipped with 8.0)
CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur when receiv ...)
{DLA-3797-1}
- - frr <unfixed> (bug #1072125)
+ - frr 10.0.1-0.1 (bug #1072125)
NOTE: https://github.com/FRRouting/frr/pull/15640
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/30a332dad86fafd2b0b6c61d23de59ed969a219b
CVE-2024-31948 (In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix S ...)
{DLA-3797-1}
- - frr <unfixed> (bug #1072126)
+ - frr 10.0.1-0.1 (bug #1072126)
NOTE: https://github.com/FRRouting/frr/pull/15628
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc8373e9edbc62f572cd2751bb3c3335fef6cd96
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc8373e9edbc62f572cd2751bb3c3335fef6cd96
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240727/5b2cd007/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list