[Git][security-tracker-team/security-tracker][master] Track fixed version for frr issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 9 07:17:27 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d3b02e17 by Salvatore Bonaccorso at 2024-03-09T08:16:52+01:00
Track fixed version for frr issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3068,7 +3068,7 @@ CVE-2023-51786 (An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2
- lustre <removed>
NOTE: http://lists.lustre.org/pipermail/lustre-announce-lustre.org/2024/000270.html
CVE-2024-27913 (ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 all ...)
- - frr <unfixed> (bug #1065144)
+ - frr 9.1-0.1 (bug #1065144)
NOTE: https://github.com/FRRouting/frr/pull/15431
NOTE: stable/9.0: https://github.com/FRRouting/frr/commit/aae54e20498974cb026bd0e2649ca3e753090492 (
CVE-2024-26542 (Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. and fixe ...)
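Review bot: On the CVE-2024-27913 line, the description says FRR "through 9.1" is affected while the recorded fix is 9.1-0.1, the same upstream version, so the fix would have to come from a patch carried in that Debian revision rather than from the upstream release itself. The NOTE lines only cite the upstream PR and the stable/9.0 commit; a short NOTE stating that 9.1-0.1 includes the change from PR 15431 would make the fixed version verifiable from the entry alone.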
@@ -24991,7 +24991,7 @@ CVE-2023-46802 (e-Tax software Version3.0.10 and earlier improperly restricts XM
CVE-2023-40207 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-38407 (bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond ...)
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
NOTE: https://github.com/FRRouting/frr/pull/12951
NOTE: https://github.com/FRRouting/frr/commit/7404a914b0cafe046703c8381903a80d3def8f8b (base_9.0)
NOTE: https://github.com/FRRouting/frr/pull/12956
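Review bot: For CVE-2023-38407 the description places the flaw in FRR "before 8.5" and the fix commit is annotated base_9.0, yet the entry moves straight from <unfixed> to 9.1-0.1. If an earlier upload to unstable already contained commit 7404a914b0cafe046703c8381903a80d3def8f8b, the first fixed version should be that upload, because the tracker compares each suite's package version against this field and a too-high value reports fixed packages as vulnerable. If no earlier upload had it, 9.1-0.1 is correct and a brief NOTE saying so would settle the question.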
@@ -25064,10 +25064,10 @@ CVE-2023-47272 (Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS v
- roundcube 1.6.5+dfsg-1 (bug #1055421)
NOTE: https://github.com/roundcube/roundcubemail/commit/81ac3c342a4f288deb275590895b52ec3785cf8a (1.6.5)
CVE-2023-47235 (An issue was discovered in FRRouting FRR through 9.0.1. A crash can oc ...)
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
NOTE: https://github.com/FRRouting/frr/commit/6814f2e0138a6ea5e1f83bdd9085d9a77999900b
CVE-2023-47234 (An issue was discovered in FRRouting FRR through 9.0.1. A crash can oc ...)
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
NOTE: https://github.com/FRRouting/frr/commit/c37119df45bbf4ef713bc10475af2ee06e12f3bf
CVE-2023-47233 (The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf ...)
- linux <unfixed>
@@ -26446,11 +26446,11 @@ CVE-2023-5139 (Potential buffer overflow vulnerability at the following location
CVE-2023-46754 (The admin panel for Obl.ong before 1.1.2 allows authorization bypass b ...)
NOT-FOR-US: admin panel for Obl.ong
CVE-2023-46753 (An issue was discovered in FRRouting FRR through 9.0.1. A crash can oc ...)
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/d8482bf011cb2b173e85b65b4bf3d5061250cdb9 (master)
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/21418d64af11553c402f932b0311c812d98ac3e4 (stable/8.5 branch)
CVE-2023-46752 (An issue was discovered in FRRouting FRR through 9.0.1. It mishandles ...)
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35 (master)
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/30b5c2a434d25981e16792f6f50162beb517ae4d (stable/8.5 branch)
CVE-2023-46668 (If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-defa ...)
@@ -36327,7 +36327,7 @@ CVE-2023-41363 (In Cerebrate 1.14, a vulnerability in UserSettingsController all
NOT-FOR-US: Cerebrate
CVE-2023-41361 (An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not ...)
{DLA-3573-1}
- - frr <unfixed> (bug #1055852)
+ - frr 9.1-0.1 (bug #1055852)
[bullseye] - frr <not-affected> (The vulnerable code was introduced later)
NOTE: https://github.com/FRRouting/frr/pull/14241
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b4d09af9194d20a7f9f16995a062f5d8e3d32840
@@ -41494,7 +41494,7 @@ CVE-2023-3750 (A flaw was found in libvirt. The virStoragePoolObjListSearch func
NOTE: Introduced with: https://gitlab.com/libvirt/libvirt/-/commit/0c4b391e2a90c3e0f8a8721cb539e03f14eb1d5e (v8.3.0-rc1)
NOTE: Fixed by: https://gitlab.com/libvirt/libvirt/-/commit/9a47442366fcf8a7b6d7422016d7bbb6764a1098 (v9.6.0-rc1)
CVE-2023-3748 (A flaw was found in FRRouting when parsing certain babeld unicast hell ...)
- - frr <unfixed> (bug #1042473)
+ - frr 9.1-0.1 (bug #1042473)
[bullseye] - frr <not-affected> (The vulnerable code was introduced later)
[buster] - frr <not-affected> (The vulnerable code was introduced later)
NOTE: https://github.com/FRRouting/frr/issues/11808
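Review bot: Under CVE-2023-3748 the only reference in the lines shown is the upstream issue (issues/11808), unlike the other frr entries in this commit, which point at a fixing commit or PR. Now that a fixed version is recorded, a "NOTE: Fixed by:" line with the upstream commit would let others confirm that 9.1-0.1 contains the fix and check the "introduced later" claims on the [bullseye] and [buster] lines against it.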
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3b02e17a8301b12f74eb90f2ddbaabe0f5c63c4