-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Jun 2026 15:30:27 +0800 Source: frr Binary: frr-doc frr-pythontools Architecture: all Version: 8.4.4-1.1~deb12u2 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Aron Xu Description: frr-doc - FRRouting suite - user manual frr-pythontools - FRRouting suite - Python tools Changes: frr (8.4.4-1.1~deb12u2) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Backport upstream fixes for several BGP/OSPF/babeld vulnerabilities: - CVE-2026-37457: off-by-one out-of-bounds write in the BGP FlowSpec operator decoder. - CVE-2026-28532: out-of-bounds read in OSPF TE/SR Opaque LSA TLV parsing caused by a truncated length accumulator (ospf_te_delete_te hunk adapted to the 8.4.4 edge-key code). - CVE-2026-5107: missing length validation when parsing EVPN Type-2/3/4 and ENCAP/VNC NLRIs (hand-ported to the 8.4.4 EVPN code). - CVE-2026-37458: missing martian next-hop validation in MP_REACH_NLRI. - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102, CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106, CVE-2025-61107: NULL pointer dereference in ospfd when dumping Opaque LSAs while OSPF packet debugging is enabled. - CVE-2023-3748: infinite loop (DoS) in babeld packet parsing. - CVE-2024-27913, CVE-2024-31950, CVE-2024-31951, CVE-2024-34088: crashes and buffer overflows in OSPF Traffic Engineering / Opaque LSA parsing. Checksums-Sha1: 238367384fa5c7df3cb66c6ba0e8128fb87284e1 1821240 frr-doc_8.4.4-1.1~deb12u2_all.deb cee8078e7cf34fc09f32df8b9d2e42cd4d102114 36560 frr-pythontools_8.4.4-1.1~deb12u2_all.deb 697665d5c140de359950b05888f0ce782e6ac617 9996 frr_8.4.4-1.1~deb12u2_all-buildd.buildinfo Checksums-Sha256: 1966c6166776b5dcea1ac013a6b758e313859241c50038a64d00809350ce11f3 1821240 frr-doc_8.4.4-1.1~deb12u2_all.deb b81e036a8323a1e5ec8c7d7cf294666b5a9dcce754901398e1e589b0c4072578 36560 frr-pythontools_8.4.4-1.1~deb12u2_all.deb 0ebe7728c35a89f4213e01953859ab5e0193c8b22198f6e800d206757aeece82 9996 frr_8.4.4-1.1~deb12u2_all-buildd.buildinfo Files: 5aad20c57785dd958bc6f65aa64985c6 1821240 doc optional frr-doc_8.4.4-1.1~deb12u2_all.deb 5207366936d21016088d3583b183d653 36560 net optional frr-pythontools_8.4.4-1.1~deb12u2_all.deb 31a5b034e2402ff5f93d87e1622dc40b 9996 net optional frr_8.4.4-1.1~deb12u2_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmog+p0ACgkQPkCWRKsh 20c0SxAApxehQYaS8reiv6Qj2V6Zyim3Gj4jt2DK93DfkLwY/2jFyqkF8lrtDZXy MxJwWlQVbuaqL81o6ciMqCV1V6ayB356fZtmRX6PBqXIRLVwT7WvDUHve+CR9fPc qALZTJVdqtxujGK5C2Lr4Iq5IYh4ChhkiTkVvYu13Uiwu5vZ4yXy6ooniWZhBr6/ E1ZJ/9707NbGZCVGrCySmn4d0loe/VDSNxyv7MPuBxIYpm7TzZAW4FwvokXzDNNU y1j/Iu2TO7ebJD9irYGlF/gSQsuTk/oVjLQGyow1Ltv9XnBQmUbnSP39AS7PFERZ 0f8Fn8aboipoq6gWTyyF5MZ+B8Ljle1rffGkRxW867mnAbEel1yVQ9ZYRMixyOOa y3w3m3fgt6YZESYTnaMBU9T6Plyoa9TmmVDGcVMnycUEkxfhQjWYLu++xj9bcSl6 Vra49ykkhPiDoHW9iqsmlY8TTsSTqwdg4YI9scmOXIXpwfPbeshgrH/wvD1/sh0e MavDJAaLYm+EOezJK8CJV6IkTCSNC0qlkwf/oBCnQOB8kX5m2dEaDlGHHEkKPI43 ajpIMYXnLdZdYGUpwwsEvG84Ny+vtLczGA1nIGPwzuUwkz9eUu1XeyOiFfzDHTG5 9k9I0awvD1dxCEbrA8oWj8/82E+hsPnTVc5j/xXBq6B23Brk+ws= =lIMC -----END PGP SIGNATURE-----