[Git][security-tracker-team/security-tracker][master] Rewrite note about CVE-2024-55553

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 24 20:09:36 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6b8f7de8 by Salvatore Bonaccorso at 2025-01-24T21:07:01+01:00
Rewrite note about CVE-2024-55553

This fix is a backport to the 8.4 branch done in a (fork) of the frr
project maintained by the opensourcerouting project and targetting the
8.4 base branch. Rewrite the note to make this clearer. Drop the tag
reference as it's not included in the frr-8.4.4 tag.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6426,7 +6426,8 @@ CVE-2024-55553 (In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are r
 	- frr 10.2.1-1
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b0800bfdf04b4fcf48504737ebfe4ba7f05268d3 (master)
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/410eb0da69214a06350315575ddb332e363b66c6 (frr-10.2.1)
-	NOTE: Fixed by: https://github.com/opensourcerouting/frr/commit/cc1c66a7e8dd31c681f396f6635192c0d60a543c (frr-8.4.4)
+	NOTE: Backport in opensourcerouting fork for 8.4 branch:
+	NOTE: https://github.com/opensourcerouting/frr/commit/cc1c66a7e8dd31c681f396f6635192c0d60a543c
 CVE-2024-55076 (Grocy through 4.3.0 has no CSRF protection, as demonstrated by changin ...)
 	NOT-FOR-US: Grocy
 CVE-2024-55075 (Grocy through 4.3.0 allows remote attackers to obtain sensitive inform ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b8f7de89ca2fbd5c1cd205a341f4776f2e33535

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b8f7de89ca2fbd5c1cd205a341f4776f2e33535
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250124/15acd0e9/attachment.htm>

More information about the debian-security-tracker-commits mailing list