Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6b8f7de8 by Salvatore Bonaccorso at 2025-01-24T21:07:01+01:00
Rewrite note about CVE-2024-55553
This fix is a backport to the 8.4 branch done in a (fork) of the frr
project maintained by the opensourcerouting project and targetting the
8.4 base branch. Rewrite the note to make this clearer. Drop the tag
reference as it's not included in the frr-8.4.4 tag.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6426,7 +6426,8 @@ CVE-2024-55553 (In FRRouting (FRR) before 10.3 from 6.0
onward, all routes are r
- frr 10.2.1-1
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/b0800bfdf04b4fcf48504737ebfe4ba7f05268d3
(master)
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/410eb0da69214a06350315575ddb332e363b66c6
(frr-10.2.1)
- NOTE: Fixed by:
https://github.com/opensourcerouting/frr/commit/cc1c66a7e8dd31c681f396f6635192c0d60a543c
(frr-8.4.4)
+ NOTE: Backport in opensourcerouting fork for 8.4 branch:
+ NOTE:
https://github.com/opensourcerouting/frr/commit/cc1c66a7e8dd31c681f396f6635192c0d60a543c
CVE-2024-55076 (Grocy through 4.3.0 has no CSRF protection, as demonstrated by
changin ...)
NOT-FOR-US: Grocy
CVE-2024-55075 (Grocy through 4.3.0 allows remote attackers to obtain
sensitive inform ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b8f7de89ca2fbd5c1cd205a341f4776f2e33535
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b8f7de89ca2fbd5c1cd205a341f4776f2e33535
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
