[ubuntu/mantic-proposed] frr 8.4.4-1ubuntu1 (Accepted)
Andreas Hasenack
andreas at canonical.com
Wed Jul 26 20:46:14 UTC 2023
frr (8.4.4-1ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2018072). Remaining changes:
- Fix logging with Ubuntu's unprivileged rsyslog (LP #1958162):
+ d/frr.postinst: change log files ownership
+ d/frr.logrotate: change rotated log file ownership
* Dropped:
- SECURITY UPDATE: denial of service via bgp_capability_llgr()
+ debian/patches/CVE-2023-31489.patch: check 7 bytes for Long-lived
Graceful-Restart capability in bgpd/bgp_open.c.
+ CVE-2023-31489
[Fixed upstream in 8.4.4]
- SECURITY UPDATE: denial of service via bgp_attr_psid_sub()
+ debian/patches/CVE-2023-31490.patch: ensure stream received has
enough data in bgpd/bgp_attr.c.
+ CVE-2023-31490
[Fixed upstream in version 8.4.4]
Date: Wed, 26 Jul 2023 17:43:05 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/frr/8.4.4-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 26 Jul 2023 17:43:05 -0300
Source: frr
Built-For-Profiles: noudeb
Architecture: source
Version: 8.4.4-1ubuntu1
Distribution: mantic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Launchpad-Bugs-Fixed: 2018072
Changes:
frr (8.4.4-1ubuntu1) mantic; urgency=medium
.
* Merge with Debian unstable (LP: #2018072). Remaining changes:
- Fix logging with Ubuntu's unprivileged rsyslog (LP #1958162):
+ d/frr.postinst: change log files ownership
+ d/frr.logrotate: change rotated log file ownership
* Dropped:
- SECURITY UPDATE: denial of service via bgp_capability_llgr()
+ debian/patches/CVE-2023-31489.patch: check 7 bytes for Long-lived
Graceful-Restart capability in bgpd/bgp_open.c.
+ CVE-2023-31489
[Fixed upstream in 8.4.4]
- SECURITY UPDATE: denial of service via bgp_attr_psid_sub()
+ debian/patches/CVE-2023-31490.patch: ensure stream received has
enough data in bgpd/bgp_attr.c.
+ CVE-2023-31490
[Fixed upstream in version 8.4.4]
Checksums-Sha1:
8d8b66ae05efe6d07da6213466094172c748ba20 2807 frr_8.4.4-1ubuntu1.dsc
8f9ca0cf40ee496bb92082ce168340d66d57655d 7302212 frr_8.4.4.orig.tar.xz
bf54360511b8f03f5189dc2e362df9ab5ceb66ca 32508 frr_8.4.4-1ubuntu1.debian.tar.xz
aeb5f34960580796e11ca361915ba703beb2a22d 7817 frr_8.4.4-1ubuntu1_source.buildinfo
Checksums-Sha256:
921f53628576e74eb6b731fc8287b4bea0c3c0f6e3779d665ecafc0c96548403 2807 frr_8.4.4-1ubuntu1.dsc
77f942795cd15b1b792d9bf712905edebf1803fcdaaa393d0ef0d2c1998d75d2 7302212 frr_8.4.4.orig.tar.xz
85b18e1a86ff03e4cd7d09f2e9070490f227596b36ce984810bb6d3149da7c22 32508 frr_8.4.4-1ubuntu1.debian.tar.xz
104dd802054122d25a809d289970da9dfb9e5114bd8d1daad4c4ebab1a6c1d36 7817 frr_8.4.4-1ubuntu1_source.buildinfo
Files:
5a3078f79e26075c068a559b7918a370 2807 net optional frr_8.4.4-1ubuntu1.dsc
bc2cc4fdfc5c555283613c7bf1bd4506 7302212 net optional frr_8.4.4.orig.tar.xz
75b39dcc8ccad07cbd843bf2f5ace71d 32508 net optional frr_8.4.4-1ubuntu1.debian.tar.xz
cd3be9f53adc276ee8305cf96adcd9d3 7817 net optional frr_8.4.4-1ubuntu1_source.buildinfo
Original-Maintainer: David Lamparter <equinox-debian at diac24.net>
Vcs-Git: https://git.launchpad.net/~ahasenack/ubuntu/+source/frr
Vcs-Git-Commit: 52887d68338b7a5f893ee7ade26db46d1b44a296
Vcs-Git-Ref: refs/heads/mantic-frr-merge-844
More information about the mantic-changes
mailing list