-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Mar 2025 03:13:08 +0100
Source: fort-validator
Binary: fort-validator fort-validator-dbgsym
Architecture: arm64
Version: 1.5.4-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 fort-validator - RPKI validator and RTR server
Changes:
 fort-validator (1.5.4-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/control (Build-Depends): Add rsync for running tests.
   * d/patches/CVE-2024-45234.patch: Add patch to fix CVE-2024-45234.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) an ROA or a Manifest containing a
       signedAttrs encoded in non-canonical form. This bypasses Fort's BER
       decoder, reaching a point in the code that panics when faced with data
       not encoded in DER. Because Fort is an RPKI Relying Party, a panic can
       lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-45235.patch: Add patch to fix CVE-2024-45235.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing an
       Authority Key Identifier extension that lacks the keyIdentifier field.
       Fort references this pointer without sanitizing it first. Because Fort
       is an RPKI Relying Party, a crash can lead to Route Origin Validation
       unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-45236.patch: Add patch to fix CVE-2024-45236.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a signed object containing an empty
       signedAttributes field. Fort accesses the set's elements without
       sanitizing it first. Because Fort is an RPKI Relying Party, a crash can
       lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-45237.patch: Add patch to fix CVE-2024-45237.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing a Key
       Usage extension composed of more than two bytes of data. Fort writes this
       string into a 2-byte buffer without properly sanitizing its length,
       leading to a buffer overflow.
   * d/patches/CVE-2024-45238.patch: Add patch to fix CVE-2024-45238.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing a bit
       string that doesn't properly decode into a Subject Public Key. OpenSSL
       does not report this problem during parsing, and when compiled with
       OpenSSL libcrypto versions below 3, Fort recklessly dereferences the
       pointer. Because Fort is an RPKI Relying Party, a crash can lead to Route
       Origin Validation unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-45239.patch: Add patch to fix CVE-2024-45239.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) an ROA or a Manifest containing a null
       eContent field. Fort dereferences the pointer without sanitizing it
       first. Because Fort is an RPKI Relying Party, a crash can lead to Route
       Origin Validation unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-48943.patch: Add patch to fix CVE-2024-48943.
     - A malicious RPKI rsync repository can prevent Fort from finishing its
       validation run by drip-feeding its content. This can lead to delayed
       validation and a stale or unavailable Route Origin Validation.
       (thanks to Jochen Sprickerhof for helping backporting the test case)
Checksums-Sha1:
 135b561e57c257d4edf77f09dc2fcb46ce67cebf 615604 fort-validator-dbgsym_1.5.4-1+deb12u1_arm64.deb
 82d0d210dcd7b3716fe19b4dbbd4e5a5bc23b5f9 7268 fort-validator_1.5.4-1+deb12u1_arm64-buildd.buildinfo
 a73f23aade5cc01865b0e770dbacacf7d0e16812 194060 fort-validator_1.5.4-1+deb12u1_arm64.deb
Checksums-Sha256:
 082bfc3d717515d9f74a2090214f869549e0567318951f14ff9d68614ebdf066 615604 fort-validator-dbgsym_1.5.4-1+deb12u1_arm64.deb
 53b949da0ccb6aba1fffe9c504cc3d0aa902fe5e992d70641030a4d7f9c8bd3b 7268 fort-validator_1.5.4-1+deb12u1_arm64-buildd.buildinfo
 c74ea1e280628d1fd155277d6d4adae040f925460d191830e918a3846afead98 194060 fort-validator_1.5.4-1+deb12u1_arm64.deb
Files:
 0e0789288455500cd6717e488e37ec7a 615604 debug optional fort-validator-dbgsym_1.5.4-1+deb12u1_arm64.deb
 aeb520c779bb5317858a78f3da324ca5 7268 net optional fort-validator_1.5.4-1+deb12u1_arm64-buildd.buildinfo
 a50a1dd327ac165049ce2cb4ca2a693a 194060 net optional fort-validator_1.5.4-1+deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbIns2iWsAAdAqh2MS/ZIXkV8oLAFAmhpU5gACgkQS/ZIXkV8
oLAjyA/9FWfPVA5qlNRhwDS8Fuq/Jl+UL6Z0lboBg3kad1rK3Wu4ndc5Z9wC7IWN
s24XH9PS+ogCZJzXKM1tLMkiuI9qjk7u9afA8GTUlXE5YSX7xXWADKOOsudVVP7L
Y89VLwuytDb2Kz2pDXWeyHiTmPz6JnGe87zd6tj6D00PR8ePaEwdObEYgTflkY78
f6FxEOIyytl9GFXhHI2IMZESbtWcqrERzRy8JABUpaNWN82bAzpmzmktogpeEz23
C+txIQRdNFBO/LN6Qhv0BlBuPsG9ei6oA/tnu9D0+nQZgzZ5wFnFJshxnCnN5sJ3
m8RJ70swP7ghzr+bJLRpTQSqA0oFlHhAWf4tc7kfDh6fRETZ5c6xUBwFsqSJ+a/2
NoeumqUz5dIuXIIV1U/A1I/25Zc0ENzPv1zx60G30BIjUlBDUI8hUCTk9oA4UZSB
zfuk8ZwEBtG27fQo51aWuD/91QNn+MfSiWnhx9uEH1qcsXHxXImXZEccQB5E/W8M
7buVhdat/RoODq8REbKV7zEYJbzv8Zd8Lgl/OCFmtYSML/zS24db4qz787d7+vxA
/PTXTzOc/aN8tJ86mHjt5Jq9vsciuBi97Nfjv4AuTp+eMGrOHNZeK8aaJS/VEffe
X6Z+TQN3E+IVBIXcZCXf5ion2rOS4C4XhkQOsOsrlRxmDO7PMHA=
=bUqT
-----END PGP SIGNATURE-----