Comment 2 for bug 2018072

This bug was fixed in the package frr - 8.4.4-1ubuntu1

---------------
frr (8.4.4-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018072). Remaining changes:
    - Fix logging with Ubuntu's unprivileged rsyslog (LP #1958162):
      + d/frr.postinst: change log files ownership
      + d/frr.logrotate: change rotated log file ownership
  * Dropped:
    - SECURITY UPDATE: denial of service via bgp_capability_llgr()
      + debian/patches/CVE-2023-31489.patch: check 7 bytes for Long-lived
        Graceful-Restart capability in bgpd/bgp_open.c.
      + CVE-2023-31489
        [Fixed upstream in 8.4.4]
    - SECURITY UPDATE: denial of service via bgp_attr_psid_sub()
      + debian/patches/CVE-2023-31490.patch: ensure stream received has
        enough data in bgpd/bgp_attr.c.
      + CVE-2023-31490
        [Fixed upstream in version 8.4.4]

 -- Andreas Hasenack <email address hidden> Wed, 26 Jul 2023 17:43:05 -0300