[ALSA-2024:2981] Moderate: frr security update
Type: security
Severity: moderate
Release date: 2024-05-29
Description:
FRRouting is free software that manages TCP/IP-based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

Security Fix(es):

* frr: missing length check in bgp_attr_psid_sub() can lead to DoS (CVE-2023-31490)
* frr: processes invalid NLRIs if attribute length is zero (CVE-2023-41358)
* frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c (CVE-2023-41909)
* frr: mishandled malformed data leading to a crash (CVE-2023-46752)
* frr: crafted BGP UPDATE message leading to a crash (CVE-2023-46753)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 frr-7.5.1-22.el8.aarch64.rpm 0762e8a33858e4c344a1123172cf7fbf9e448f4892d0501a01800178ae1d080a
noarch frr-selinux-7.5.1-22.el8.noarch.rpm a9084424bc3c86a44864c397eb368afab0a49d2aaac2a9b5ab990033e5816cfc
ppc64le frr-7.5.1-22.el8.ppc64le.rpm 56e6e030bf5a4a10c5efbe799e15817b3becda990e76b55259b1bfaa76905f59
s390x frr-7.5.1-22.el8.s390x.rpm a496b8ee0dcf2b1630b98d9f25a2022057771625a8fda9d9be6fd2fe8bf0ba5c
x86_64 frr-7.5.1-22.el8.x86_64.rpm d892ae39d75640ed6e290d71c3038009ae7b8f86b2a619422d5bf38e42e0a4b9
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.