-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Jun 2026 15:30:27 +0800
Source: frr
Binary: frr frr-dbgsym frr-rpki-rtrlib frr-rpki-rtrlib-dbgsym frr-snmp frr-snmp-dbgsym
Architecture: mips64el
Version: 8.4.4-1.1~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 frr        - FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)
 frr-rpki-rtrlib - FRRouting suite - BGP RPKI support (rtrlib)
 frr-snmp   - FRRouting suite - SNMP support
Changes:
 frr (8.4.4-1.1~deb12u2) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport upstream fixes for several BGP/OSPF/babeld vulnerabilities:
     - CVE-2026-37457: off-by-one out-of-bounds write in the BGP FlowSpec
       operator decoder.
     - CVE-2026-28532: out-of-bounds read in OSPF TE/SR Opaque LSA TLV parsing
       caused by a truncated length accumulator (ospf_te_delete_te hunk adapted
       to the 8.4.4 edge-key code).
     - CVE-2026-5107: missing length validation when parsing EVPN Type-2/3/4 and
       ENCAP/VNC NLRIs (hand-ported to the 8.4.4 EVPN code).
     - CVE-2026-37458: missing martian next-hop validation in MP_REACH_NLRI.
     - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102,
       CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106,
       CVE-2025-61107: NULL pointer dereference in ospfd when dumping Opaque
       LSAs while OSPF packet debugging is enabled.
     - CVE-2023-3748: infinite loop (DoS) in babeld packet parsing.
     - CVE-2024-27913, CVE-2024-31950, CVE-2024-31951, CVE-2024-34088: crashes
       and buffer overflows in OSPF Traffic Engineering / Opaque LSA parsing.
Checksums-Sha1:
 e9058f41513782b4082f4478bf3f91fcdd62ecf4 17031704 frr-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 c6aecf5bd7119a3b6f9594b9df0fc7eed304729e 74636 frr-rpki-rtrlib-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 8f2977725dcf0c1553ccb57780a0b8076dd55641 24456 frr-rpki-rtrlib_8.4.4-1.1~deb12u2_mips64el.deb
 eb179398967d17d84b0d0f81bc41b38b089bc704 288160 frr-snmp-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 10ad19130d5fe829910efc9199766267d702b11e 62488 frr-snmp_8.4.4-1.1~deb12u2_mips64el.deb
 0c16883f6019b3c14515a42d7509874b2089b429 11058 frr_8.4.4-1.1~deb12u2_mips64el-buildd.buildinfo
 a26f680a3f4629da44ff40df5f8e771f79c81fc4 3525144 frr_8.4.4-1.1~deb12u2_mips64el.deb
Checksums-Sha256:
 591b2374477417a7d1afdf6e4338c5498a10541ccc355775c99bf309118845d9 17031704 frr-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 e2eaf45b572d39804a1e79bb8c6854af850d913a6fdb84f671d8662f2e9e7562 74636 frr-rpki-rtrlib-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 15648fec44749072bc4655bd7f7720fb611263ee6d2610c249abde2abb839739 24456 frr-rpki-rtrlib_8.4.4-1.1~deb12u2_mips64el.deb
 4592a5696a32e1c907d7954e43cb925f87c802d93cc06e0a4ea615ed70c98ea9 288160 frr-snmp-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 8c1e2dcbae8618a3cbab954eca87000229530aabedb620559d1806b364b2eddf 62488 frr-snmp_8.4.4-1.1~deb12u2_mips64el.deb
 986e3ccb03c17ce40430d1861cc44b57100469b4bcb02063df879b8686c95684 11058 frr_8.4.4-1.1~deb12u2_mips64el-buildd.buildinfo
 b3f458fad4f9dab0cb7a0a5e69766935280baea06ef8443539622b3e36d773fd 3525144 frr_8.4.4-1.1~deb12u2_mips64el.deb
Files:
 1f20d72ed789c2a984f3f8b5a8658b81 17031704 debug optional frr-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 d4280d8bd651357e89cd0628a96b37df 74636 debug optional frr-rpki-rtrlib-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 7ae3c676557ff0344122f7a1255107b3 24456 net optional frr-rpki-rtrlib_8.4.4-1.1~deb12u2_mips64el.deb
 0fc032647ec6210f770e0b1ca6a6b8f6 288160 debug optional frr-snmp-dbgsym_8.4.4-1.1~deb12u2_mips64el.deb
 52ee81c510992d11aa9c04f8f640372a 62488 net optional frr-snmp_8.4.4-1.1~deb12u2_mips64el.deb
 2e6bdfe812a647abf678fa823275c6d3 11058 net optional frr_8.4.4-1.1~deb12u2_mips64el-buildd.buildinfo
 e037aad32f4766542b18a54bfdc4b6f2 3525144 net optional frr_8.4.4-1.1~deb12u2_mips64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE4ZxaH3zEHAF/GhnCHrk2gTKeWggFAmog/IEACgkQHrk2gTKe
Wgjjzg/+OBDnwTqAo4CU7T8CNBXvxdvK+IoAtB7pIr6WU1HLsE8GOqansKXNtJRO
kY73+LnN3tWLn31RaEk/yUI2aTH2xeGwCU486rbPIubt9qmGc0JolDj9qCZTIFpx
c5u2J4dzc9pHub31pdO6tbI9+ByQaZD7MIQKZdQELWvLLG8w7RFThthvTdbT5ySX
YbjLjisOL5ajBXh3qFvw4/qvWfffFultj+jS1NbUv26JtClYhh6yg7JhInh5dzLG
mA4VU3Uj/Dm9m2gQdJSufFo3C9r2PoPmaid81Mg3OXkkjdJyxxqbc0eNLnyyRo8N
ALTqD9vQtx6aTm/QgrdlHpMTj+RRbXZ1hnA/w9PJ4N9TwjX1YFSKeDtWJS5Z4/Kp
PAhsSPyfhtmwnJffemYHTLHsXEW0Xvcf8utq4FIcqh5yAcbRd+HoZeZixEDsMqsW
mcsq1XyonPvtJhqiyvWOrue61VMwZApZjyjJihnUQnGYv+G3ttCQR3MdZ0a/dZTS
sxd0lkV+XCRCPCQ/GtMAuxsH5zYPS3W4OhcdxnbPPcEF6EC/EIWxRItr8aMq85O+
IfH0ZaLu02wRkVDf8U2Mhh5cc3J/TwQxY/yvLZ2zkooJxGjDnapBEIhopduf5Xok
gZH9togE0ItpgYk0aW/Jf9PO0mTdt1md/J5kv/xnJ2BjEO/Lk90=
=SLUK
-----END PGP SIGNATURE-----