ELSA-2023-6434

ELSA-2023-6434 - frr security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2023-11-11

Description

[8.3.1-11]
- Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output

[8.3.1-10]
- Related: #2216912 - adding sys_admin to capabilities

[8.3.1-9]
- Resolves: #2215346 - frr policy does not allow the execution of /usr/sbin/ipsec

[8.3.1-8]
- Resolves: #2216912 - SELinux is preventing FRR-Zebra to access to network namespaces

[8.3.1-7]
- Resolves: #2168855 - BFD not working through VRF

[8.3.1-6]
- Resolves: #2184870 - Reachable assertion in peek_for_as4_capability function
- Resolves: #2196795 - denial of service by crafting a BGP OPEN message with an option of type 0xff
- Resolves: #2196796 - denial of service by crafting a BGP OPEN message with an option of type 0xff
- Resolves: #2196794 - out-of-bounds read exists in the BGP daemon of FRRouting

Related CVEs

CVE-2022-40302

CVE-2022-40318

CVE-2022-36440

CVE-2022-43681

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	frr-8.3.1-11.el9_3.src.rpm	948dd760f528124aed0cd4f89b071fd63cab32d33e161809de4b094252f01a10	-	ol9_aarch64_appstream
	frr-8.3.1-11.el9_3.aarch64.rpm	bbfbbc87526a036fe27e03954f03c639cfae90d1fc224ca15fc7d5b37926fb62	-	ol9_aarch64_appstream
	frr-selinux-8.3.1-11.el9_3.noarch.rpm	c8520394833281b1ebc27219bfd3ad6ad155c9048219a61c0a4776224c9e948f	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	frr-8.3.1-11.el9_3.src.rpm	948dd760f528124aed0cd4f89b071fd63cab32d33e161809de4b094252f01a10	-	ol9_x86_64_appstream
	frr-8.3.1-11.el9_3.x86_64.rpm	3284e989b6c7729051fd69dc4896f055773bf2e15a5fbbbff18e67a33ef9b975	-	ol9_x86_64_appstream
	frr-selinux-8.3.1-11.el9_3.noarch.rpm	c8520394833281b1ebc27219bfd3ad6ad155c9048219a61c0a4776224c9e948f	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team