| Release | Version |
|---|---|
| jessie | 1:1.2.13-1+deb8u1 |
| stretch | 1:1.3.2-1+deb9u1 |
| buster | 1:2.0.10-1+deb10u1 |
| bullseye | 1:2.1.5-0.2+deb11u1 |
| bookworm | 1:2.2.7-1 |
| trixie | 1:2.3.1-1 |
| sid | 1:2.3.1-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41184 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived th ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-19046 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | keepalived 2.0.8 didn't check for existing plain files when writing da ... |
| CVE-2018-19045 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | keepalived 2.0.8 used mode 0666 when creating new temporary files upon ... |
| CVE-2018-19044 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | keepalived 2.0.8 didn't check for pathnames with symlinks when writing ... |
| Bug | Description |
|---|---|
| CVE-2021-44225 | In Keepalived through 2.2.4, the D-Bus policy does not sufficiently re ... |
| CVE-2018-19115 | keepalived before 2.0.7 has a heap-based buffer overflow when parsing ... |
| CVE-2011-1784 | The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and e ... |
| DSA / DLA | Description |
|---|---|
| ELA-834-1 | keepalived - security update |
| DLA-3388-1 | keepalived - security update |
| DLA-1589-1 | keepalived - security update |