SUSE-SU-2024:3090-1

Опубликовано: 03 сент. 2024

Источник: suse-cvrf

Описание

Security update for frr

This update for frr fixes the following issues:

CVE-2024-44070: Fixed missing stream length check before TLV value is taken in bgp_attr_encap (bsc#1229438)

Список пакетов

SUSE Enterprise Storage 7.1

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise Server 15 SP3-LTSS

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise Server 15 SP4-LTSS

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Manager Proxy 4.3

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

SUSE Manager Server 4.3

frr-7.4-150300.4.29.1

frr-devel-7.4-150300.4.29.1

libfrr0-7.4-150300.4.29.1

libfrr_pb0-7.4-150300.4.29.1

libfrrcares0-7.4-150300.4.29.1

libfrrfpm_pb0-7.4-150300.4.29.1

libfrrgrpc_pb0-7.4-150300.4.29.1

libfrrospfapiclient0-7.4-150300.4.29.1

libfrrsnmp0-7.4-150300.4.29.1

libfrrzmq0-7.4-150300.4.29.1

libmlag_pb0-7.4-150300.4.29.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243090-1/
Link for SUSE-SU-2024:3090-1
https://lists.suse.com/pipermail/sle-updates/2024-September/036782.html
E-Mail link for SUSE-SU-2024:3090-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1229438
SUSE Bug 1229438
https://www.suse.com/security/cve/CVE-2024-44070/
SUSE CVE CVE-2024-44070 page

Описание

An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.

Затронутые продукты

SUSE Enterprise Storage 7.1:frr-7.4-150300.4.29.1

SUSE Enterprise Storage 7.1:frr-devel-7.4-150300.4.29.1

SUSE Enterprise Storage 7.1:libfrr0-7.4-150300.4.29.1

SUSE Enterprise Storage 7.1:libfrr_pb0-7.4-150300.4.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-44070.html
CVE-2024-44070
https://bugzilla.suse.com/1229438
SUSE Bug 1229438

SUSE-SU-2024:3090-1

Описание

Список пакетов

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

Ссылки

Уязвимость: CVE-2024-44070

Описание

Затронутые продукты

Ссылки