-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Jun 2026 15:30:27 +0800
Source: frr
Binary: frr-doc frr-pythontools
Architecture: all
Version: 10.3-3+deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 frr-doc    - FRRouting Internet routing protocol suite (documentation)
 frr-pythontools - FRRouting Internet routing protocol suite (reload support)
Changes:
 frr (10.3-3+deb13u1) trixie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport upstream fixes for several BGP/OSPF parsing vulnerabilities:
     - CVE-2026-37457: off-by-one out-of-bounds write in the BGP FlowSpec
       operator decoder (bgp_flowspec_op_decode).
     - CVE-2026-28532: out-of-bounds read in OSPF TE/SR Opaque LSA TLV parsing
       caused by a truncated uint16_t length accumulator.
     - CVE-2026-5107: missing length validation when parsing EVPN Type-2/3/4
       and ENCAP/VNC NLRIs.
     - CVE-2026-37458: missing martian next-hop validation in MP_REACH_NLRI.
     - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102,
       CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106,
       CVE-2025-61107: NULL pointer dereference in ospfd when dumping Opaque
       LSAs while OSPF packet debugging is enabled.
Checksums-Sha1:
 c4537ed96677e26de27c4cb71c3f4be0b411773c 1961548 frr-doc_10.3-3+deb13u1_all.deb
 844acde107e29ddf29adcd4584e80930792ccb0b 41072 frr-pythontools_10.3-3+deb13u1_all.deb
 01995cea695a228b932437692470902eb371206b 10024 frr_10.3-3+deb13u1_all-buildd.buildinfo
Checksums-Sha256:
 9c94658e6fd13693a1936d4aad82a19f9fadd63bcd51734837f792cadc6aaa74 1961548 frr-doc_10.3-3+deb13u1_all.deb
 2f467096f626f3b6428427625c34c3b177cd5bd6488e61d3081c04bec18d55c7 41072 frr-pythontools_10.3-3+deb13u1_all.deb
 bb64a28b8b4560dbb9cc8bf08cb5264c556114ddb5feb194b4fec7573b5dc313 10024 frr_10.3-3+deb13u1_all-buildd.buildinfo
Files:
 81a28cb7e436f7d59b223fedf39479aa 1961548 doc optional frr-doc_10.3-3+deb13u1_all.deb
 06c91c21ad8a1b318720a5cc0e3ab5ef 41072 net optional frr-pythontools_10.3-3+deb13u1_all.deb
 51cacd3e3e0193ffd7059b2dabc79ddb 10024 net optional frr_10.3-3+deb13u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmog7MkACgkQmgPNRvTf
/ze+2w/+I2NGxFhWeCd9DYNLsNgjNCdkiwhC5vGKqacbsAe4gkl4K1udL3bQUkxY
PSu1M1KyOHh/NZG4Lmg/M5ZFPz+bkM+K+5rHanWfuAHmj9O7tjz17H4EbRM7Ua86
qrsS7u1I8KoWAY52weHFsEuLjazZE4Fs1kN01WEVxaSuRqJONuJlbLDsQsFSMq/q
TcpD9Rr8KXISntAkmGdWXRyrn9VrPhXpFM9N+QZrNLVI+qu46p/1qazWJc3Y0ncR
6AMIDxFqIjDOr002HKSTg8KuxC8KGcX+D5yiUEhiNGN9eU38M1Y507I/PKzVTPpA
I9KRDjzzFJb6l8/fhAyIpnijSqyHCCcMKY0JahmwkUx9wnMVpgzt31jA6RM2d6Y6
pH69FXUPg68VMtAEyo9uExG0MoL4TTMzYu6o08NGfdctOXlimO90wHqYzYxOuBqL
26CcONULjTEtJnkBxMgZ+bs0uqrKwcwr8rjlO5b90ZzOcrKtco1x1jyLF0qyq3/i
QnDIBm9fYbc55TeUI0aE9uJWUB4b6V36mUSZMUzUVQOqCMB/Tjq+rJFn8EyHiiZd
vH7rwGgtJAfpLZEkQX6crJaS8UwQ48iEV82v8CyAwf2IOnyqXclDwcY5C9rPDz60
hyPO4Gq9vVKAKdhWSkDJYS4UxIVbQakyZCI2tdYp0vMGenm1bFI=
=j1Nh
-----END PGP SIGNATURE-----