SUSE-SU-2024:4090-1: important: Security update for frr
# Security update for frr Announcement ID: SUSE-SU-2024:4090-1 Release Date: 2024-11-28T07:58:02Z Rating: important References: * jsc#PED-11092 Cross-References: * CVE-2023-31489 * CVE-2023-31490 * CVE-2023-3748 * CVE-2023-38406 * CVE-2023-38407 * CVE-2023-38802 * CVE-2023-41358 * CVE-2023-41360 * CVE-2023-41909 * CVE-2023-46752 * CVE-2023-46753 * CVE-2023-47234 * CVE-2023-47235 * CVE-2024-27913 * CVE-2024-31948 * CVE-2024-31950 * CVE-2024-31951 * CVE-2024-34088 * CVE-2024-44070 CVSS scores: * CVE-2023-31489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-31489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-31490 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31490 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3748 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3748 ( NVD ): 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-38406 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38406 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-38407 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38407 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38802 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41358 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41358 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41360 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-41360 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2023-41360 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2023-41909 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-41909 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46752 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46752 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46753 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46753 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47234 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47234 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47235 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47235 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27913 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31950 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-31951 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-31951 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34088 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 19 vulnerabilities and contains one feature can now be installed. ## Description: This update for frr fixes the following issues: Update to frr 8.5.6 (jsc#PED-PED-11092) including fixes for: * CVE-2024-44070,CVE-2024-34088,CVE-2024-31951,CVE-2024-31950, CVE-2024-31948,CVE-2024-27913,CVE-2023-47235,CVE-2023-47234, CVE-2023-46753,CVE-2023-46752,CVE-2023-41909,CVE-2023-41360, CVE-2023-41358,CVE-2023-38802,CVE-2023-38407,CVE-2023-38406, CVE-2023-3748,CVE-2023-31490,CVE-2023-31489 and other bugfixes. See https://frrouting.org/release/8.5.6/ for details. The most recent frr 8.x series provides several new features, improvements and bug fixes for various protocols and daemons, especially for PIM/PIMv6/BGP and VRF support. See https://frrouting.org/release/8.5/ for details and links. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-4090=1 openSUSE-SLE-15.5-2024-4090=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4090=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-4090=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4090=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-31489.html * https://www.suse.com/security/cve/CVE-2023-31490.html * https://www.suse.com/security/cve/CVE-2023-3748.html * https://www.suse.com/security/cve/CVE-2023-38406.html * https://www.suse.com/security/cve/CVE-2023-38407.html * https://www.suse.com/security/cve/CVE-2023-38802.html * https://www.suse.com/security/cve/CVE-2023-41358.html * https://www.suse.com/security/cve/CVE-2023-41360.html * https://www.suse.com/security/cve/CVE-2023-41909.html * https://www.suse.com/security/cve/CVE-2023-46752.html * https://www.suse.com/security/cve/CVE-2023-46753.html * https://www.suse.com/security/cve/CVE-2023-47234.html * https://www.suse.com/security/cve/CVE-2023-47235.html * https://www.suse.com/security/cve/CVE-2024-27913.html * https://www.suse.com/security/cve/CVE-2024-31948.html * https://www.suse.com/security/cve/CVE-2024-31950.html * https://www.suse.com/security/cve/CVE-2024-31951.html * https://www.suse.com/security/cve/CVE-2024-34088.html * https://www.suse.com/security/cve/CVE-2024-44070.html * https://jira.suse.com/browse/PED-11092
participants (1)
-
OPENSUSE-SECURITY-UPDATES