Overview

File _patchinfo of Package patchinfo.30717

<patchinfo incident="30717">
  <issue tracker="cve" id="2023-38802"/>
  <issue tracker="cve" id="2023-41358"/>
  <issue tracker="bnc" id="1214735">VUL-0: CVE-2023-41358: frr,quagga: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero, which can lead to crash</issue>
  <issue tracker="bnc" id="1213284">VUL-0: CVE-2023-38802: quagga,frr: bad length handling in BGP attribute handling</issue>
  <packager>mtomaschewski</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for quagga</summary>
  <description>This update for quagga fixes the following issues:

  - CVE-2023-38802: Fixed bad length handling in BGP attribute handling (bsc#1213284).
  - CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero (bsc#1214735).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places