CVE-2024-31950/frr buster and bullseye is not affected

Vulnerable feature (Link State Data Base) has been introduced in 8.0 (first version containing commit f173deb35206a0)
author: Tobias Frost <tobi@debian.org> 2024-04-27 12:17:47 +0200
committer: Tobias Frost <tobi@debian.org> 2024-04-27 12:17:47 +0200
commit: 0fad262cd443e115aa0cb853829adda60229f5d6 (patch)
tree: 2a1367fc492c3e28edd0cea120df5b1d1f785fd5
parent: 9fe826e21eab6cef321cb83c6d10cd44eb65271e (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index e76e2c2614..7a5a281814 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5965,8 +5965,11 @@ CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) throug
 	NOTE: Proposed fix: https://github.com/FRRouting/frr/pull/15674/commits/344fb4be2bc27316c74b17003c05ea40be395836
 CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow and dae ...)
 	- frr <unfixed>
+	[bullseye] - frr <not-affected> (Vulnerable code not present)
+	[buster] - frr <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/FRRouting/frr/pull/15674/
 	NOTE: Proposed fix: https://github.com/FRRouting/frr/pull/15674/commits/6b84541df71772f697a7f9e6b2aaf72536aab775
+	NOTE: vulnerable feature introduced in https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5 (first shipped with 8.0)
 CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur when receiv ...)
 	- frr <unfixed>
 	NOTE: https://github.com/FRRouting/frr/pull/15640
author	Tobias Frost <tobi@debian.org>	2024-04-27 12:17:47 +0200
committer	Tobias Frost <tobi@debian.org>	2024-04-27 12:17:47 +0200
commit	0fad262cd443e115aa0cb853829adda60229f5d6 (patch)
tree	2a1367fc492c3e28edd0cea120df5b1d1f785fd5
parent	9fe826e21eab6cef321cb83c6d10cd44eb65271e (diff)