-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Jun 2026 15:30:27 +0800 Source: frr Binary: frr frr-dbgsym frr-rpki-rtrlib frr-rpki-rtrlib-dbgsym frr-snmp frr-snmp-dbgsym Architecture: armel Version: 10.3-3+deb13u1 Distribution: trixie-security Urgency: high Maintainer: armel Build Daemon (arm-conova-04) Changed-By: Aron Xu Description: frr - FRRouting Internet routing protocol suite frr-rpki-rtrlib - FRRouting Internet routing protocol suite (BGP RPKI support) frr-snmp - FRRouting Internet routing protocol suite (SNMP support) Changes: frr (10.3-3+deb13u1) trixie-security; urgency=high . * Non-maintainer upload by the Security Team. * Backport upstream fixes for several BGP/OSPF parsing vulnerabilities: - CVE-2026-37457: off-by-one out-of-bounds write in the BGP FlowSpec operator decoder (bgp_flowspec_op_decode). - CVE-2026-28532: out-of-bounds read in OSPF TE/SR Opaque LSA TLV parsing caused by a truncated uint16_t length accumulator. - CVE-2026-5107: missing length validation when parsing EVPN Type-2/3/4 and ENCAP/VNC NLRIs. - CVE-2026-37458: missing martian next-hop validation in MP_REACH_NLRI. - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102, CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106, CVE-2025-61107: NULL pointer dereference in ospfd when dumping Opaque LSAs while OSPF packet debugging is enabled. Checksums-Sha1: 3f3515c461c77c8ccc0d33f0bf91919329039fba 14714812 frr-dbgsym_10.3-3+deb13u1_armel.deb 4c8413307acd6c50eea15e9448c2d87c3eeec156 96804 frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_armel.deb 373966d4cdee7f13d864a69697940d39dbcafb01 32724 frr-rpki-rtrlib_10.3-3+deb13u1_armel.deb 347558f9acc8fac9086161c0cef045622caf87cc 243820 frr-snmp-dbgsym_10.3-3+deb13u1_armel.deb 253dde24ef8d733b1f60aeb401edcf010912818c 65760 frr-snmp_10.3-3+deb13u1_armel.deb fe471a1bff309d79c6f23a8cf8fd5fe417d46e74 11062 frr_10.3-3+deb13u1_armel-buildd.buildinfo df8e089596ba68fc39b5de9d503a9d7aa55825a1 4661488 frr_10.3-3+deb13u1_armel.deb Checksums-Sha256: 09c507ce1f98c4d694a3793b4e1d1b8059e68d184c3b6fe5688bd18ab1e87555 14714812 frr-dbgsym_10.3-3+deb13u1_armel.deb 638ffcff37b94be3433e7dc0b097dc1769bae9374eb79be9f091a47cc6037315 96804 frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_armel.deb da2e8284e9bd163375f320850073f072ff741bfa2c4b53f253cfe1d1bd6e3742 32724 frr-rpki-rtrlib_10.3-3+deb13u1_armel.deb 24fa2798a3456f72141cc3a0de0dbe875d662176f48654844eebf3e1d33a5101 243820 frr-snmp-dbgsym_10.3-3+deb13u1_armel.deb 6a4220a72a440c7d0e5f66070a21ecc1a5a9b0413c5b191775daa782e36389a0 65760 frr-snmp_10.3-3+deb13u1_armel.deb e69ba6268470b51dd9e3d6a18d839254af60728e47d4e85752c668679f351d66 11062 frr_10.3-3+deb13u1_armel-buildd.buildinfo e4278867b7585bac0960669bcd20371381e790dd4b750ae58ab74a23c79b93c2 4661488 frr_10.3-3+deb13u1_armel.deb Files: 265f0ebffeb846eed02188ab0a7d5d6b 14714812 debug optional frr-dbgsym_10.3-3+deb13u1_armel.deb 8ceb89ab37d5cf1b96ed9d799484ba93 96804 debug optional frr-rpki-rtrlib-dbgsym_10.3-3+deb13u1_armel.deb 1fe2410d296b8c1a23ad18df2dc565cd 32724 net optional frr-rpki-rtrlib_10.3-3+deb13u1_armel.deb a7d63edbc18e215216e2f1aa58c8146d 243820 debug optional frr-snmp-dbgsym_10.3-3+deb13u1_armel.deb fc7e30f810239d335183e0e2bbfcf34a 65760 net optional frr-snmp_10.3-3+deb13u1_armel.deb 8c8604a784c446be9f900328ccf89d66 11062 net optional frr_10.3-3+deb13u1_armel-buildd.buildinfo 0a09ace01c92f748e3812218b5444094 4661488 net optional frr_10.3-3+deb13u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYxmcRLDHP0tCCM0oScpU3dYulLgFAmog7O0ACgkQScpU3dYu lLieQw/8CENwdBMlA5iQ+pWRStoj7KUyuJRtVh7DrgaH2U2QKn3LXrz3+/J6FNKq 841YVMe1JjertBHvkZ1Z9KVvInB3BvKA7QI1cVZqHCceZin1qTiWHhrcJIAqn/aV kLC0ZQLwM7SD4rDOKubcgRK/j3DPbTFBNR3fKOqPCsFlJoGQhF6SjfIjAsWQySw3 e8B5eZi3uU3PivGLbJbLxHKP7n2UyrhyblylqYaPM9rpo+Zy+cXkRFszfMKwX852 GbFTYJ+oQ8BtZ1GxluYyjecW+RtcqJbqTtemZMpkD9xvpBw+ky6Y1yVHw7G9n61o vcGQ9DPAGBQ/LAPyrfI31ZFacCbZO8Mq2tBowxNR2n0V+O6ZEHI05gZawN6K7Lmn 6FpUc+fGUOwxXy+/brs5w95q8TQBTuTOXt7CeYi+sa0gJtTbcMs6wFY1ILKdjhs8 y0T7j7nx67pk1iBUZ2aptYcoQFFDaFd0bk6ZorioQhLFZwqCdII87QnLELGsa+/z 58OVt5xgfRgMNu3Q9M9YV4k8KpBOJwtOy/H/04epb+QxWNceqFlDgUjLG1hQlAke le4Xev1FNeeKuhnTRQ7MgzWbQR5xAem7IP7IBzu2BZpWRszHaKPkd99iTRrE5Caa D6I2acF2HJhVpQbyZac2HTO2QHSaqTH/w3749eQNqP7j5OONL4M= =srSR -----END PGP SIGNATURE-----