frr-7.0-10.el8
エラータID: AXSA:2021-1317:01
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* frr: default permission issue eases information leaks (CVE-2020-12831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-12831
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some parties consider this user error, not a vulnerability, because the permissions are under the control of the user before any sensitive information is present in the file.
Update packages.
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some parties consider this user error, not a vulnerability, because the permissions are under the control of the user before any sensitive information is present in the file.
N/A
SRPMS
- frr-7.0-10.el8.src.rpm
MD5: 867be48c60f8408701f1ea7ea98502ba
SHA-256: df1f4aa51d8dfc08d27dd8ead1d0e6d1b12bb51051bd3d111a4de622a275b9e5
Size: 4.66 MB
Asianux Server 8 for x86_64
- frr-7.0-10.el8.x86_64.rpm
MD5: 7a0dc8f8adcb30066057742aba2b5485
SHA-256: 788c19b7db0323e334ab75be4f714f9e2f5409484399074891fcfcd9379b95b5
Size: 2.52 MB - frr-contrib-7.0-10.el8.x86_64.rpm
MD5: e59dade36041efcaceea6d3bcf7dfe19
SHA-256: 5126d89e5378377816273f3aa1d264330f747243a652d9851562ca6531fb428a
Size: 18.39 kB
日本語