Debian Patches
Status for fort-validator/1.5.4-1+deb12u1
Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
paths | | | no | | | |
documentation | | | no | | | |
program_defaults | | | no | | | |
CVE-2024-45234.patch | Prevent crash on BER-encoded signedAttrs The code was assuming the object was DER-encoded, and the relevant integer was therefore in short form. Because I postponed the DER enforcement in deef7b7823f21914b17838f152a8bd510a348f54, the code should not make reckless assumptions about the signedAttrs encoding. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/521b1a0db5041258096fbabdf8fc1e10ecc793cf | 2024-08-06 |
CVE-2024-45235.patch | [PATCH] Prevent crash on missing Authority Key Identifier Another missing NULL check. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/b1eb3c507ae920859bbe294776ebc2bb30bb7e56 | 2024-08-06 |
CVE-2024-45236.patch | [PATCH] Prevent crash on missing signedAttrs Though RPKI enforces the presence of this field, it is very much optional in CMS. Also adds missing validation messages in relevant error paths. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/4dafbd9de64a5a0616af97365bc1751465b29d2e | 2024-08-06 |
CVE-2024-45237.patch | [PATCH] Prevent crash on malformed Key Usage Key Usage bit strings longer than 2 bytes were inducing buffer overflow. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/939d988551d17996be73f52c376a70a3d6ba69f9 | 2024-08-06 |
CVE-2024-45238.patch | [PATCH] Prevent crash on malformed subjectPublicKey A malformed subjectPublicKey causes X509_PUBKEY_get0() to return NULL. Fort wasn't catching this when linked specifically to OpenSSL < 3. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/5689dea5e878fed28c5f338a27d7cda4151a14f1 | 2024-08-06 |
CVE-2024-45239.patch | [PATCH] Prevent crash on missing eContent Applies to the RouteOriginAttestation and Manifest octet strings. Thanks to Niklas Vogel for reporting this. | Alberto Leiva Popper <ydahhrk@gmail.com> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/942f921ba7244cdcf4574cedc4c16392a7cc594b | 2024-08-06 |
CVE-2024-48943.patch | [PATCH 1/7] Introduce a rsync transfer timeout Default set to 900 (same as rpki-client) Fixes https://github.com/NICMx/FORT-validator/issues/74 | Job Snijders <job@sobornost.net> | yes | | upstream, https://github.com/NICMx/FORT-validator/commit/4ee88d1c3fa7df763dd52312134cd93c1ce50870 | 2024-08-22 |

All known versions for source package 'fort-validator'
- 1.6.6-1 (sid, forky, trixie)
- 1.6.6-1~bpo12+1 (bookworm-backports)
- 1.5.4-1+deb12u1 (bookworm)