Release date:
2025-11-05 17:21:48 UTC
Description:
- CVE-2022-36440: fix heap-buffer-overflow in peek_for_as4_capability
when reading BGP OPEN extended optional parameters
- CVE-2023-31490: fix insufficient stream data validation in BGP
prefix SID attributes processing
- CVE-2023-38407: fix out-of-bounds read in BGP labeled unicast parsing
- CVE-2023-41909: fix implicit withdrawal handling for BGP flowspec
without attributes
Updated packages:
-
frr-8.3.1-5.el9.2.alma.tuxcare.els2.x86_64.rpm
sha:3e083c219b41b59b90a8a806caa05474e3694a267ab6e1147952d7357b6f7eba
-
frr-selinux-8.3.1-5.el9.2.alma.tuxcare.els2.noarch.rpm
sha:a81ffb52274421a6b10d848c8fa15a72550bb032eeaa9bdd16c5e02f6b1bc051
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
