Package "frr"

  frr (10.4.1-3ubuntu1.1) questing-security; urgency=medium

  * SECURITY UPDATE: multiple ospf security issues
    - debian/patches/CVE-2025-61xxx-1.patch: add null check for vty_out in
      check_tlv_size in ospfd/ospf_ext.c.
    - debian/patches/CVE-2025-61xxx-2.patch: fix NULL Pointer Deference
      when dumping link info in ospfd/ospf_ext.c.
    - debian/patches/CVE-2025-61xxx-3.patch: skip subsequent tlvs after
      invalid length in ospfd/ospf_ext.c, ospfd/ospf_ri.c, ospfd/ospf_te.c.
    - debian/patches/CVE-2025-61xxx-4.patch: reformat check_tlv_size macro
      in ospfd/ospf_ext.c, ospfd/ospf_ri.c, ospfd/ospf_te.c.
    - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102,
      CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106,
      CVE-2025-61107

 -- Marc Deslauriers <email address hidden> Thu, 12 Feb 2026 09:27:07 -0500