{"affected":[{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.2","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.2","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libfpm_pb0":"1.1.1-150000.4.3.1","libospf0":"1.1.1-150000.4.3.1","libospfapiclient0":"1.1.1-150000.4.3.1","libquagga_pb0":"1.1.1-150000.4.3.1","libzebra1":"1.1.1-150000.4.3.1","quagga":"1.1.1-150000.4.3.1","quagga-devel":"1.1.1-150000.4.3.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"quagga","purl":"pkg:rpm/suse/quagga&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.1-150000.4.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for quagga fixes the following issues:\n\n  - CVE-2023-38802: Fixed bad length handling in BGP attribute handling (bsc#1213284).\n  - CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero (bsc#1214735).\n","id":"SUSE-SU-2023:3836-1","modified":"2023-09-27T17:26:28Z","published":"2023-09-27T17:26:28Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20233836-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213284"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-38802"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-41358"}],"related":["CVE-2023-38802","CVE-2023-41358"],"summary":"Security update for quagga","upstream":["CVE-2023-38802","CVE-2023-41358"]}