-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Mar 2025 03:13:08 +0100
Source: fort-validator
Binary: fort-validator fort-validator-dbgsym
Architecture: i386
Version: 1.5.4-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 fort-validator - RPKI validator and RTR server
Changes:
 fort-validator (1.5.4-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/control (Build-Depends): Add rsync for running tests.
   * d/patches/CVE-2024-45234.patch: Add patch to fix CVE-2024-45234.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) an ROA or a Manifest containing a
       signedAttrs encoded in non-canonical form. This bypasses Fort's BER
       decoder, reaching a point in the code that panics when faced with data
       not encoded in DER. Because Fort is an RPKI Relying Party, a panic can
       lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-45235.patch: Add patch to fix CVE-2024-45235.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing an
       Authority Key Identifier extension that lacks the keyIdentifier field.
       Fort references this pointer without sanitizing it first. Because Fort
       is an RPKI Relying Party, a crash can lead to Route Origin Validation
       unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-45236.patch: Add patch to fix CVE-2024-45236.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a signed object containing an empty
       signedAttributes field. Fort accesses the set's elements without
       sanitizing it first. Because Fort is an RPKI Relying Party, a crash can
       lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-45237.patch: Add patch to fix CVE-2024-45237.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing a Key
       Usage extension composed of more than two bytes of data. Fort writes this
       string into a 2-byte buffer without properly sanitizing its length,
       leading to a buffer overflow.
   * d/patches/CVE-2024-45238.patch: Add patch to fix CVE-2024-45238.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) a resource certificate containing a bit
       string that doesn't properly decode into a Subject Public Key. OpenSSL
       does not report this problem during parsing, and when compiled with
       OpenSSL libcrypto versions below 3, Fort recklessly dereferences the
       pointer. Because Fort is an RPKI Relying Party, a crash can lead to Route
       Origin Validation unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-45239.patch: Add patch to fix CVE-2024-45239.
     - A malicious RPKI repository that descends from a (trusted) Trust Anchor
       can serve (via rsync or RRDP) an ROA or a Manifest containing a null
       eContent field. Fort dereferences the pointer without sanitizing it
       first. Because Fort is an RPKI Relying Party, a crash can lead to Route
       Origin Validation unavailability, which can lead to compromised routing.
   * d/patches/CVE-2024-48943.patch: Add patch to fix CVE-2024-48943.
     - A malicious RPKI rsync repository can prevent Fort from finishing its
       validation run by drip-feeding its content. This can lead to delayed
       validation and a stale or unavailable Route Origin Validation.
       (thanks to Jochen Sprickerhof for helping backporting the test case)
Checksums-Sha1:
 27fefd3cc872cafb7019f703c57b8ded7ee8ae84 547704 fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 08fdfaccc374f10042ee71f214f362c66e1b9233 7209 fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 f2eb0609b3526942cc58bccc34a04cdd7333c327 222544 fort-validator_1.5.4-1+deb12u1_i386.deb
Checksums-Sha256:
 373dbdf44c641c9c1ee2b9795e0ce54bee8133a3c22c66eeb4a7a86c84160ebb 547704 fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 552832dcad990e01d4824316c16861195dea8caa183a9fda128ce8c2523d53a7 7209 fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 8be7cdb7892c78e5f8a126570388f09b5482eea1bd93f130668ef8c09944684d 222544 fort-validator_1.5.4-1+deb12u1_i386.deb
Files:
 eef545e8640585a2c8e8d70019b16357 547704 debug optional fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 4cef4047df1527c4e9e5a625d49a2f3c 7209 net optional fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 4e256e54c1eb626da5a8392d02d64442 222544 net optional fort-validator_1.5.4-1+deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEv2qEY4xQXyY/2dWIvGw9w6VrLCcFAmhpUzsACgkQvGw9w6Vr
LCdvfhAAggMg4tYM1N652hG/4Zgl05wbqviyK1WAQeJFsg42nCkrfzpDRty/qnGx
VXFoXMj8SFDrRrJO581bNE/jLjUjbFKNQ9uMSavvsMwKPaABLzu5uG0MPWgWRECC
9wZSRpOTneQKXq61fDjLraaVzD4xzICwOjQiDF58ZSD/r1KaPfEBZnMlgV00zuAj
rkOFT8nVxRYSKQNjUrzRVyFxSFnXD/ZtunKgz0i8J1m7Yj4Srrq1gBJixPoON+QR
EKBi/AeSAJIuYLS6uniQgPBMh3lK6kULkCuGDAxu1ByNV3DvQyjzyhCBHYaxDWc/
H/ijyk123HkCPW3Nep684ezUtqzwtDEx6oE8KrFxkeEN3RxOFt4Ri7YA9qt0h3tA
99BKD7+rxQEmNRfTtL/FBp6c73q5YmJYR7ZdxQwFvJi/BfaVu37wh7/IlPlQMNvs
7ifkXjmVydLvyVCvTzwCr2kPfPmo0viyRvD+vWzFu4W/ktkMUi7QguHSnisnsgqX
SmUqjp41ikangLTaCgFUZzbVkT9HA/I4VZqlUwfHRsK4J2TIBvQWdcvDiw7JzdY8
e77XqmkfD60w8LZ+4xgDTiDUF1pnh7ox9OnIrLJTRXcjiQJN7pUuxJWCArVntXG4
gV3OC3dlQUc95MlRUISBFP+IsXtd9/Lfxx7aEopaXDftfrN4lHM=
=mzWD
-----END PGP SIGNATURE-----