Information on source package cfrpki

Available versions

ReleaseVersion
bullseye1.4.2-1~deb11u1
bookworm1.4.3-1
sid1.4.3-1

Open issues

BugbullseyebookwormsidDescription
CVE-2021-43172vulnerable (no DSA, postponed)vulnerablevulnerableNLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRD ...

Resolved issues

BugDescription
CVE-2021-43174NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...
CVE-2021-43173In NLnet Labs Routinator prior to 0.10.2, a validation run can be dela ...
CVE-2021-3912OctoRPKI tries to load the entire contents of a repository in memory, ...
CVE-2021-3911If the ROA that a repository returns contains too many bits for the IP ...
CVE-2021-3910OctoRPKI crashes when encountering a repository that returns an invali ...
CVE-2021-3909OctoRPKI does not limit the length of a connection, allowing for a slo ...
CVE-2021-3908OctoRPKI does not limit the depth of a certificate chain, allowing for ...
CVE-2021-3907OctoRPKI does not escape a URI with a filename containing "..", this a ...
CVE-2021-3761Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitt ...

Security announcements

DSA / DLADescription
DSA-5041-1cfrpki - security update

Search for package or bug name: Reporting problems