Information on source package cfrpki

Available versions

ReleaseVersion
bullseye1.4.2-1~deb11u1
bookworm1.4.4-1

Open issues

BugbullseyebookwormDescription
CVE-2022-3616vulnerable (no DSA)fixedAttackers can create long chains of CAs that would lead to OctoRPKI ex ...

Resolved issues

BugDescription
CVE-2021-43174NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...
CVE-2021-43173In NLnet Labs Routinator prior to 0.10.2, a validation run can be dela ...
CVE-2021-3912OctoRPKI tries to load the entire contents of a repository in memory, ...
CVE-2021-3911If the ROA that a repository returns contains too many bits for the IP ...
CVE-2021-3910OctoRPKI crashes when encountering a repository that returns an invali ...
CVE-2021-3909OctoRPKI does not limit the length of a connection, allowing for a slo ...
CVE-2021-3908OctoRPKI does not limit the depth of a certificate chain, allowing for ...
CVE-2021-3907OctoRPKI does not escape a URI with a filename containing "..", this a ...
CVE-2021-3761Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitt ...

Security announcements

DSA / DLADescription
DSA-5041-1cfrpki - security update

Search for package or bug name: Reporting problems