Accepted frr 7.5.1-1.1+deb11u2 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted frr 7.5.1-1.1+deb11u2 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 12 Sep 2023 17:17:28 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: frr_7.5.1-1.1+deb11u2_source.changes
- Debian-source: frr
- Debian-suite: oldstable-proposed-updates
- Debian-version: 7.5.1-1.1+deb11u2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=naDIeL6f8Xmr78T1HS0qBgOSSuklhnTrX1NnQWO5Fc4=; b=GPN9SITlFG4t/S8fnRsTnMvfid AROZ6f3uZQbF55X4MUA3T7ba37EB4ioMpTiZLm4Whm0UKNRJ6sTGfoZ+C/fgBQGAtD0E5AmCD9nhF SuzVHxPIAFB9PMxZzNruneTFZrFOzlZSi7Jrw8DFeqDOVVRCyKP2LQbWP5ajpl8Z1W6HkBbNuiKPP zL87eYuAJsYd5wJDzz/ci1CugqLxvmfiSXhFnOVsVywXFVu+eXZvpzoqmdhsumGb0q5cFmnJGEl/H jmd0fgJsx/WIkgZJOGDjF3N5KHLcqMr4W9Pp1UQ/RltZv/tqovsI7K2OCOJNUqtDm2OUsCSSim3RJ 9y3tuJvg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qg70y-00EF2E-9Q@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 01 Sep 2023 12:27:31 +0800
Source: frr
Architecture: source
Version: 7.5.1-1.1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: David Lamparter <equinox-debian@diac24.net>
Changed-By: Aron Xu <aron@debian.org>
Closes: 1035829 1036062
Changes:
frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
Denial of service with maliciously construct BGP OPEN packet
(Closes: #1035829).
* CVE-2023-31490: Denial of service caused by malformed SRv6 L3
service attribute (Closes: #1036062).
* CVE-2023-38802: Denial of service caused by corrupted
Tunnel Encapsulation attribute.
* CVE-2023-41358: Denial of service while processing NLRIs with
zero length attribute.
Checksums-Sha1:
a7d908ce0fb2a65ba5ce72901d050902748518e2 2287 frr_7.5.1-1.1+deb11u2.dsc
0827aedf82f6e44a3116afd2fbfb5fca74d5d479 34096 frr_7.5.1-1.1+deb11u2.debian.tar.xz
2a84253426b6797268238724c7e6c8999e857519 8106 frr_7.5.1-1.1+deb11u2_source.buildinfo
Checksums-Sha256:
f374798eaae32e10a1c0721181c88c07aa8d70a18c07e94d504abda8f07bbf19 2287 frr_7.5.1-1.1+deb11u2.dsc
98a19282f795a65e2e104b5254947afd7bf0f375d115f123e27a48372b4efefa 34096 frr_7.5.1-1.1+deb11u2.debian.tar.xz
24ec8f8682e2f23337f26180454e9c5bd2c6f4cf81726401136f0759f97ce5e5 8106 frr_7.5.1-1.1+deb11u2_source.buildinfo
Files:
a07602544e027cade4ffab8cff96b525 2287 net optional frr_7.5.1-1.1+deb11u2.dsc
f340cd118ef732330033d1ac49b5706f 34096 net optional frr_7.5.1-1.1+deb11u2.debian.tar.xz
2bc53635a7e44849fc61a0669bd11f48 8106 net optional frr_7.5.1-1.1+deb11u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmTxpWoACgkQO1LKKgqv
2VQIMwf9Ey4eqHd8G1ipYUDlPR11iyLuywUqTjM/02DcZuPH+jZGhE+bdi9iojyd
a7qTJ/WQ0lJ+TWhZ0UIF8qlj8cWQf96nriNpf8Fe6DZ1J1LFdnTINWcJLvgQ0iCm
Mmq0PuvUTW7KjTAZC9apaSSIPUFkEEtlUuKqQ624++NiGMZs95bD6nQzPIHCG3yA
TXCREoXwvUDEzUiiO/kh6h/S5vlheLnYI9xvetxhcMl2BVGWtsNFAlZWScGmZQ7z
IZbeeNcgrBYZy4BzHw/cNf6HtUIkvrw84C/mgKmR1lHM5+FOT9nHTQkgYr6L/oRS
yEInY3potu0i6SM8rpVW6CtJ9/xn2A==
=PuKm
-----END PGP SIGNATURE-----