frr-8.1-5.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12307 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z frr-8.1-5.1 on GA media These are all security issues fixed in the frr-8.1-5.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12307 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12307 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2019-25074/ SUSE CVE CVE-2019-25074 page https://www.suse.com/security/cve/CVE-2022-37032/ SUSE CVE CVE-2022-37032 page openSUSE Tumbleweed frr-8.1-5.1 frr-devel-8.1-5.1 libfrr0-8.1-5.1 libfrr_pb0-8.1-5.1 libfrrcares0-8.1-5.1 libfrrfpm_pb0-8.1-5.1 libfrrospfapiclient0-8.1-5.1 libfrrsnmp0-8.1-5.1 libfrrzmq0-8.1-5.1 libmlag_pb0-8.1-5.1 frr-8.1-5.1 as a component of openSUSE Tumbleweed frr-devel-8.1-5.1 as a component of openSUSE Tumbleweed libfrr0-8.1-5.1 as a component of openSUSE Tumbleweed libfrr_pb0-8.1-5.1 as a component of openSUSE Tumbleweed libfrrcares0-8.1-5.1 as a component of openSUSE Tumbleweed libfrrfpm_pb0-8.1-5.1 as a component of openSUSE Tumbleweed libfrrospfapiclient0-8.1-5.1 as a component of openSUSE Tumbleweed libfrrsnmp0-8.1-5.1 as a component of openSUSE Tumbleweed libfrrzmq0-8.1-5.1 as a component of openSUSE Tumbleweed libmlag_pb0-8.1-5.1 as a component of openSUSE Tumbleweed ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2019-25074 openSUSE Tumbleweed:frr-8.1-5.1 openSUSE Tumbleweed:frr-devel-8.1-5.1 openSUSE Tumbleweed:libfrr0-8.1-5.1 openSUSE Tumbleweed:libfrr_pb0-8.1-5.1 openSUSE Tumbleweed:libfrrcares0-8.1-5.1 openSUSE Tumbleweed:libfrrfpm_pb0-8.1-5.1 openSUSE Tumbleweed:libfrrospfapiclient0-8.1-5.1 openSUSE Tumbleweed:libfrrsnmp0-8.1-5.1 openSUSE Tumbleweed:libfrrzmq0-8.1-5.1 openSUSE Tumbleweed:libmlag_pb0-8.1-5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-25074.html CVE-2019-25074 https://bugzilla.suse.com/1202022 SUSE Bug 1202022 An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. CVE-2022-37032 openSUSE Tumbleweed:frr-8.1-5.1 openSUSE Tumbleweed:frr-devel-8.1-5.1 openSUSE Tumbleweed:libfrr0-8.1-5.1 openSUSE Tumbleweed:libfrr_pb0-8.1-5.1 openSUSE Tumbleweed:libfrrcares0-8.1-5.1 openSUSE Tumbleweed:libfrrfpm_pb0-8.1-5.1 openSUSE Tumbleweed:libfrrospfapiclient0-8.1-5.1 openSUSE Tumbleweed:libfrrsnmp0-8.1-5.1 openSUSE Tumbleweed:libfrrzmq0-8.1-5.1 openSUSE Tumbleweed:libmlag_pb0-8.1-5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-37032.html CVE-2022-37032 https://bugzilla.suse.com/1202023 SUSE Bug 1202023