| Summary: | <net-misc/frr-{9.0.4, 9.1.2}: Multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Jaco Kroon <jaco> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | CONFIRMED --- | ||
| Severity: | critical | CC: | alarig, jaco |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://github.com/gentoo/gentoo/pull/38876 | ||
| Whiteboard: | B3 [glsa?] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 940755 | ||
| Bug Blocks: | |||
|
Description
Jaco Kroon
2024-10-04 07:48:56 UTC
(No need for the bug to be private if the vulns are public) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7800989084810e6f4f07971406c29c99f2852832 commit 7800989084810e6f4f07971406c29c99f2852832 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2024-10-02 10:31:55 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-10-04 08:11:48 +0000 net-misc/frr: add 9.1.2 (security) CVE-2024-31950 CVE-2024-31951 CVE-2024-31949 CVE-2024-44070 Closes: https://bugs.gentoo.org/907879 Closes: https://bugs.gentoo.org/872323 Closes: https://bugs.gentoo.org/894076 Bug: https://bugs.gentoo.org/940744 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Reviewed-by: Alarig Le Lay <alarig@swordarmor.fr> Signed-off-by: Sam James <sam@gentoo.org> net-misc/frr/Manifest | 1 + net-misc/frr/frr-9.1.2.ebuild | 147 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 148 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36fd816e93e82764783b0f1d7d74f252c5e77863 commit 36fd816e93e82764783b0f1d7d74f252c5e77863 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2024-10-02 10:24:14 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-10-04 08:11:47 +0000 net-misc/frr: add 9.0.4 (CVE-2024-31950, CVE-2024-31951, CVE-2024-44070) Bug: https://bugs.gentoo.org/907879 Bug: https://bugs.gentoo.org/872323 Bug: https://bugs.gentoo.org/894076 Bug: https://bugs.gentoo.org/940744 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Reviewed-by: Alarig Le Lay <alarig@swordarmor.fr> Signed-off-by: Sam James <sam@gentoo.org> net-misc/frr/Manifest | 1 + net-misc/frr/frr-9.0.4.ebuild | 156 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 157 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07bd8b82d5f9e356618942dd3c25f8e4aa9de746 commit 07bd8b82d5f9e356618942dd3c25f8e4aa9de746 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2024-10-04 13:11:18 +0000 Commit: Eli Schwartz <eschwartz@gentoo.org> CommitDate: 2024-10-07 03:23:58 +0000 net-misc/frr: drop 9.0.2, 9.1, 9.1-r1 Remove security affected versions. Bug: https://bugs.gentoo.org/940744 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Closes: https://github.com/gentoo/gentoo/pull/38876 Signed-off-by: Eli Schwartz <eschwartz@gentoo.org> net-misc/frr/Manifest | 2 - net-misc/frr/frr-9.0.2.ebuild | 150 ----------------------------------------- net-misc/frr/frr-9.1-r1.ebuild | 141 -------------------------------------- net-misc/frr/frr-9.1.ebuild | 140 -------------------------------------- 4 files changed, 433 deletions(-) |
