[ALSA-2023:6434] Moderate: frr security and bug fix update
Type:
security
Severity:
moderate
Release date:
2023-11-14
Description:
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): * frr: Reachable assertion in peek_for_as4_capability function (CVE-2022-36440) * frr: denial of service by crafting a BGP OPEN message with an option of type 0xff (CVE-2022-40302) * frr: denial of service by crafting a BGP OPEN message with an option of type in bgp_open_option_parse in the bgp_open.c 0xff (CVE-2022-40318) * frr: out-of-bounds read exists in the BGP daemon of FRRouting (CVE-2022-43681) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 frr-8.3.1-11.el9_3.alma.1.aarch64.rpm ad7aead43db8fb35b4276d2fb70e5abc8af707874a63da2d26c6386f1f209976
noarch frr-selinux-8.3.1-11.el9_3.alma.1.noarch.rpm 870b0f8fe1790980445cc04b697f5bc1d76221d1f374500912df87374d47bb49
ppc64le frr-8.3.1-11.el9_3.alma.1.ppc64le.rpm 1212ef154fe8c35d0c0006bce95b2a2e832e99286e48bb935f17e658a3359c6c
s390x frr-8.3.1-11.el9_3.alma.1.s390x.rpm 58892c0a844aacfe87875a5d9072242ec842d9603da4021cea9d8e91033cb280
x86_64 frr-8.3.1-11.el9_3.alma.1.x86_64.rpm a1b2a43d20c46a8653536154d2c0e7c79acab500d995edce206abfd368a49a7a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.