-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Jun 2026 15:30:27 +0800 Source: frr Binary: frr frr-dbgsym frr-rpki-rtrlib frr-rpki-rtrlib-dbgsym frr-snmp frr-snmp-dbgsym Architecture: ppc64el Version: 10.3-3+deb13u1 Distribution: trixie-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Aron Xu Description: frr - FRRouting Internet routing protocol suite frr-rpki-rtrlib - FRRouting Internet routing protocol suite (BGP RPKI support) frr-snmp - FRRouting Internet routing protocol suite (SNMP support) Changes: frr (10.3-3+deb13u1) trixie-security; urgency=high . * Non-maintainer upload by the Security Team. * Backport upstream fixes for several BGP/OSPF parsing vulnerabilities: - CVE-2026-37457: off-by-one out-of-bounds write in the BGP FlowSpec operator decoder (bgp_flowspec_op_decode). - CVE-2026-28532: out-of-bounds read in OSPF TE/SR Opaque LSA TLV parsing caused by a truncated uint16_t length accumulator. - CVE-2026-5107: missing length validation when parsing EVPN Type-2/3/4 and ENCAP/VNC NLRIs. - CVE-2026-37458: missing martian next-hop validation in MP_REACH_NLRI. - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102, CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106, CVE-2025-61107: NULL pointer dereference in ospfd when dumping Opaque LSAs while OSPF packet debugging is enabled. Checksums-Sha1: 61032ce44587788928a35679970eb58f90db7f09 15067808 frr-dbgsym_10.3-3+deb13u1_ppc64el.deb 7838625285fecec741171dab942e6146e7175ad0 98512 frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_ppc64el.deb 9f3b3117edd41129419e357c03be97681cf53c7b 40260 frr-rpki-rtrlib_10.3-3+deb13u1_ppc64el.deb 804bd99c92aa854e3acdd82fb458e13ad600f7c7 250096 frr-snmp-dbgsym_10.3-3+deb13u1_ppc64el.deb 60f9af001d9723d330ab3c9843568e3b8d1b7a21 77156 frr-snmp_10.3-3+deb13u1_ppc64el.deb e22131bddf13a5455f2cf8f081cd82ac9642cb0c 11233 frr_10.3-3+deb13u1_ppc64el-buildd.buildinfo dc1658c346f4e97e1fb83a7c4305c561a518d004 6257388 frr_10.3-3+deb13u1_ppc64el.deb Checksums-Sha256: 046d44e27486b1f8534dc8f47900dc5e9be4aa671ee965d74209248133dbdc10 15067808 frr-dbgsym_10.3-3+deb13u1_ppc64el.deb e42a7cde73f4745f1655ddc543b924f45d7999e96c09381506b0727df82718e3 98512 frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_ppc64el.deb 28a06eba464aad3b4fbead1affa9ed126113c708ad6f7468c4e3ce58f2e2d77b 40260 frr-rpki-rtrlib_10.3-3+deb13u1_ppc64el.deb 5ab3e8969348aaab4d65e9b16794aa7f88b8548fdb5a4129b9405dc632911e79 250096 frr-snmp-dbgsym_10.3-3+deb13u1_ppc64el.deb 1c1efd2b8020739b53cb2a0928a25c0de8c1771cbc1eccd0822376f954a9f25c 77156 frr-snmp_10.3-3+deb13u1_ppc64el.deb ca6876a61fc76c09c52ac571b1429628a859518fdd893522d76ea9706ea563e9 11233 frr_10.3-3+deb13u1_ppc64el-buildd.buildinfo 2104f60bf33cf1e8b1897ed6aaa7eebd3841e7cfc2458c42b2122374c0c8c98f 6257388 frr_10.3-3+deb13u1_ppc64el.deb Files: d707136d4fb83b2559661c7d67b6cc76 15067808 debug optional frr-dbgsym_10.3-3+deb13u1_ppc64el.deb 5be2a714d61a17254c55623a461d2cc6 98512 debug optional frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_ppc64el.deb f216b4c2d53a4a59a081c951203f0f49 40260 net optional frr-rpki-rtrlib_10.3-3+deb13u1_ppc64el.deb 9ec5c6dd7e580f2ae0da6c56f37eb67e 250096 debug optional frr-snmp-dbgsym_10.3-3+deb13u1_ppc64el.deb f705d383179b46c77d688a085f347d7b 77156 net optional frr-snmp_10.3-3+deb13u1_ppc64el.deb 295bd26c37b0f79c688146cd1fe89c20 11233 net optional frr_10.3-3+deb13u1_ppc64el-buildd.buildinfo 451efc3e81637812f38a6564ce0206d2 6257388 net optional frr_10.3-3+deb13u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE9ibmwdV9gdKNbK7oV8ucRsMTpuMFAmog7RUACgkQV8ucRsMT puNlQA/6AmFcs+BWKl+g7GUyMCqSr36XmDu3Bpo/5XTs/vcHFBDboe8/pfQXhVix Vi/BaF5ACxyZtGphxKrne+t5hmxUEbLLHhMztRYoY57M/0OgTTbc/guvy3URnZIr gOsEdPxr8b0a6QRUEHYMoAjT3bRan7+k3NdT/JXQws3D2Nzt2DFqzBSalGbBJdG2 RxvpD6Nrk6tmpT/O+FZrLJIWbFRQQLuI+khcjfP5Log4jcCN3c11gErV+wIi8OB0 JSYsm8+mLKC8sUvHvwYuCwnzHWoCuueucqMpI8/lXeN8M2GbGhRGHUS2rZMF2JpO +MnOEImBvt67buATZHt7QnWhewyWj764lr0DVYkQBDP6/gjM5LgcIp1QQd93k4Nh rJOT8Vc9sTD9kXX5+TE0VHS4RL9RPgmazV9CKhyuRhwMDH6aOjUlWPJ3zgmS/vkO Vljq4f8c0eOP5qir0+b/jPwOA+E6rxzxKWXOU6gXR8OFISaGpEXRO/TvF/d4KY3F 3ocz+jexrjvA1aiCepPkk1Q4/1i0Cv6RAv3nJYO1AVezakdFeei9xnFG/nyt+mHy tZdhF4tF1Kujbhg5ZU09icOv4nYRJuH9hqcw9utPHJ8og86hTlVS140i7bGeCgip 6YTpE4OfLx+IO3nbx2gb9sRZg6Ly15ZkqLh9F2jUfsqrxQrFdWs= =ND/l -----END PGP SIGNATURE-----