CVE-2021-43114

Name	CVE-2021-43114
Description	FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-5033-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
fort-validator (PTS)	bullseye (security), bullseye	1.5.3-1~deb11u1	fixed
	bookworm	1.5.4-1	fixed
	sid, trixie	1.6.4+20240930-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
fort-validator	source	bullseye	1.5.3-1~deb11u1		DSA-5033-1
fort-validator	source	(unstable)	1.5.2-1