Changelog for
quagga-1.1.1-2.29.x86_64.rpm :
* Fri Feb 09 2018 mtAATTsuse.de- Applied security fix for bgpd DoS via specially crafted BGP UPDATE messages (CVE-2017-16227,bsc#1065641) [+ quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch]- Applied security fix for bgpd bounds check issue via attribute length (CVE-2018-5378,Quagga-2018-0543,bsc#1079798) [+ Quagga-2018-0543-bgpd.bsc1079798.patch]- Applied security fix for bgpd double free when processing UPDATE message (CVE-2018-5379,Quagga-2018-1114,bsc#1079799) [+ Quagga-2018-1114-bgpd.bsc1079799.patch]- Applied security fix for bgpd code-to-string conversion tables overrun (CVE-2018-5380,Quagga-2018-1550,bsc#1079800) [+ Quagga-2018-1550-bgpd-bsc1079800.patch]- Applied security fix for bgpd infinite loop on certain invalid OPEN messages (CVE-2018-5381,Quagga-2018-1975,bsc#1079801) [+ Quagga-2018-1975-bdpd.bsc1079801.patch]
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Tue Apr 11 2017 mtAATTsuse.de- Disabled passwords in default zebra.conf config file, causing to disable vty telnet interface by default. The vty interface is available via \"vtysh\" utility using pam authentication to permit management access for root without password (bsc#1021669).- Changed owner of /etc/quagga to quagga:quagga to permit to manage quagga via vty interface.
* Mon Apr 03 2017 tchvatalAATTsuse.com- Remove FIXME\'s added by spec-cleaner by using proper phases for the prereq deps- Remove code checking for the proc mounting (build scripts do that for us anyway) + remove the commented out autoconf- Use content of %tmpfiles_create macro rather than 2 lines of checks- Use version in zebra provides/obsoletes to avoid rpmlint warning
* Thu Mar 30 2017 mtAATTsuse.de- Update to quagga-1.1.1, a security and bug fix release (fate#323168): See http://mirror.easyname.at/nongnu/quagga/quagga-1.1.1.changelog.txt for complete changelog, a digest of the changes: - Telnet \'vty\' interface DoS fix due to unbounded memory allocation (CVE-2017-5495,bsc#1021669) - revert opsf6d: Update router-LSA when nbr\'s interface-ID changes See http://mirror.easyname.at/nongnu/quagga/quagga-1.0.20161017.changelog.txt for complete changelog, a digest of the changes: - isisd: Fix size of malloc - isisd: check for the existance of the correct list - ospf6d: fix off-by-one on display of spf reasons - ospf6d: don\'t access nexthops out of bounds - bgpd: fix off-by-one in attribute flags handling - zebra: stack overrun in IPv6 RA receive code (CVE-2016-1245) - bgpd: Fix buffer overflow error in bgp_dump_routes_func- Added libfpm_pb0 and libquagga_pb0 shared library sub-packages, adjusted libzebra0 sub-package name to libzebra1.- Use tmpfiles_create RPM macro to create quagga rundir and adjust tmpfiles config to contain proper rundir at install time.- Removed obsolete patches: quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch quagga-autoconf-detect-AM_SILENT_RULES.patch- Do not enable zebra\'s tcp interface (port 2600) to use default unix socket for communication between the daemons (fate#323170).- Added quagga.log and create and su statemets to logrotate config, changed default zebra log file name from quagga.log to zebra.log.- Cleaned up the spec file using spec-cleaner.
* Sat Oct 22 2016 jengelhAATTinai.de- Implement shared library policy- Check for user/group before adding them to the system- Trim description
* Tue Oct 18 2016 mtAATTsuse.de- Add quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch: Fix for a zebra stack overrun in IPv6 RA receive code. (CVE-2016-1245, bsc#1005258)
* Tue Jul 05 2016 toddrme2178AATTgmail.com- Fix Group tag.
* Wed May 04 2016 pwieczorkiewiczAATTsuse.com- Add quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch Fix for a buffer overflow error in bgp_dump_routes_func. (CVE-2016-4049, bsc#977012)
* Thu Apr 07 2016 meissnerAATTsuse.com- replace quagga.keyring with the newer upstream keyring.
* Fri Apr 01 2016 pwieczorkiewiczAATTsuse.com- Add the %{_rundir} macro handling to spec in order to distinguish /run/ vs /var/run distro versions.
* Fri Apr 01 2016 pwieczorkiewiczAATTsuse.com- Add quagga-autoconf-detect-AM_SILENT_RULES.patch: Fix autoconf issue of missing AM_SILENT_RULES macro.- Add build requirement for xz
* Thu Mar 31 2016 pwieczorkiewiczAATTsuse.com- Disallow unprivileged users to enter config directory /etc/quagga (group: quagga, mode: 750) and read configuration files installed there (group: quagga, mode: 640). (boo#770619)- Add sysconfig.quagga: Fillup template for /etc/sysconfig/quagga- Update to version 1.0.20160315: See http://savannah.spinellicreations.com//quagga/quagga-1.0.20160315.changelog.txt Remove double read of stream- Update to version 1.0.20160309: See http://savannah.spinellicreations.com//quagga/quagga-1.0.20160309.changelog.txt Add code to extract.pl.in to prevent further cli function overwrites Fixed if_add_update possible null dereference Fix _netlink_route_debug message Check prefix length from zebra is sensible Fix privilege dropping to use system defined groups Additional centos 6 -enable-werror fixes Fix code to use srandom/random Removal of \'show ip mroute\'
* : add/cleanup initialisers, missing includes, VRF ID in the API message header, assorted warning call if_init()/if_terminate() from vrf_init()/vrf_terminate() fix \"babeld: Remove babeld from Quagga\" (336724d) fix in_addr initialisers and more initialisers (for BSD) fix signedness mix-ups use an ifindex_t type, defined in lib/if.h, for ifindex values use long long to print time_t use void
* for printing pointers babeld: Remove babeld from Quagga bgpd: add back old forms of \'show
\' for compatibility add \"show ip bgp dampening\" command tree add nexthop length to AF macro add some peer_lock/unlock debug code add support for timer commands with peer-group syntax allow using rtt in route-map\'s set metric bgp_scan shouldn\'t queue up route_nodes with no routes for processing check capability falls on right multiple of size, where possible. check rtt later after the real peer is known cleanup vty bgp_node_afi/safi utils compile fix for clearing-completion FSM fix, using workqueue helper. configured suppress value cannot be less than the reuse value in bgp dampening crash from not NULLing freed pointers display of configured dampening parameters do not allow a timers connect of 0 drop machineparse / random \"show\" improvements enable \"bgp log-neighbor-changes\" by default encap: add attribute handling, add encap SAFI (RFC5512), extend extcommunity handling, encap show commands fix: bgp_btoa to compile, crash reported by NetDEF CI, ecommunity_token initialiser, graceful restart capability minsize, memory leak in bgpd/bgp_route.c, Null pointer dereference in bgp_info_mpath_update, race in clearing completion, small memory leak in str2prefix_rd, SNMP write support \'struct peer\' memory leaks useless call in bgpd/bgp_mplsvpn.c using of two pointers for struct thread_master
* VU#270232, VPNv4 NLRI parser memcpys to stack on unchecked length (bsc#970952, CVE-2016-2342) general MP/SAFI improvements handle AS4 and EOI route distinguishers if route-map does not exist DENY for redistribute statements ignore stale entry candidates during bestpath selection. implicit updates in BGP may require a withdrawal from zebra RIB improve cleanup in bgp_delete() memory cleanups for valgrind, plus debug changes hook up bgp ENCAP and VPNv6 CLI node lower BGP\'s default keepalive/holdtime to 3s/9s lower the default \'timers connect\' in BGP to 10 seconds make bgp_info_cmp and multiple-path decision logic more regular and robust to paths that do not have su_remote info make bgp_nlri_parse_encap conform with other nlri_parse funcs make _vpnv4 static handling SAFI-agnostic modify maxpaths cli\'s to use MULTIPATH_NUM for range only use routes from Established peers for best path selection OPEN parse errors should send OPEN_ERR and UNSPECIFIC subcode. peer_uptime overflows after 1 year fix zAPI parsing refactor route-map objects modifying integer values regularise BGP NLRI sanity checks a bit regularise bgp_update_receive, add missing notifies and checks remove the double-pass parsing of NLRIs \'set comm-list delete\' stops as soon as it hits a community-list entry with a deny speed up \"no-hit\" withdraws for routeservers tests - add null pointer protection to fix bgp test failures update dump to allow Extended Time Format update rtt on soft clear VPNv6 show commands warn user that bgp is setting maximum-paths larger than MULTIPATH_NUM wire up VPNv6 protocol processing fix struct/pointer sizeof mixups fixup afi_t to be an enum and cleanup zebra.h remove \'struct fifo\' from lib/zebra.h refactor FILTER_X in zebra.h bgp: reorg cleanup to align process and bgp instance init/destroy build: add --enable-werror ARM compilation warning fix determine CFLAGS more intelligently enable vtysh and pimd as part of default build list actual release procedure make libraries self-reliant remove the old PIC/PIE patch, let libtool sort it out rework how MULTIPATH_NUM is delivered to build distro: fix redhat/quagga.spec.in distro: redhat/rpm: remove with_ipv6, package pimd binary, remove pam stack redhat,CentOS: update to support CentOS/RHEL/Fedora, upstart/init/systemd doc: add AFI/SAFI show commands to manual add \'OSPF Fundamentals\' section to OSPF docs distribute a modern version of texinfo.tex with the docs older versions of texinfo seem to be sensitive to location of unmacro update bgpd docs, inc. on decision process, and with a section on MED. fixup of history handling fix alignment assumptions on non-RT_ROUNDUP platforms. gdb: Add a directory of files with gdb macros git: add (generated) cscope files to .gitignore HACKING: Change format to MarkDown, fix spelling mistakes rename to HACKING.md in prep for conversion to MarkDown isisd: add a debug mode that traces LSP construction add a slight delay to lsp_regenerate_schedule add new adjacency to LSP neighbor list add support to import routes from other protocols allow to adjust lsp-mtu always print adj->sysid (clang 3.6 warning) annotate some function arguments with const assorted fixes (unused variables, static) Attached-bit in LSP header don\'t corrupt memory for long hostnames don\'t use POSIX reserved y1/yn names do remove ipv6 routes from Zebra drop packet received on multiple interfaces due to the time gap in binding socket to an interface fix: assertion in LSP refresh timer calculation a typo in a log message crash on processing own p2p hello IPv6 mask application LSPs not being regenerated after adjacency change minor & vs. && mix-up misleading wording in log size_t confusions handle lsp confusion (ISO/IEC 10589:2002 7.3.16.2) initialize circuit to match area is_type make send_lsp more robust provide more detailed log for failed address removal purge on correct level remove superfluous checks after XMALLOC etc. remove unused process_is_hello() show interface\'s ipv6 addreses lib: memory cleanups for valgrind, plus debug changes add: CMD_RANGE_STR macro to command.h facility to log all CLI commands function to get precise remaining time of timer thread getgrouplist() for Solaris SAFI_ENCAP type, safi2str prefix utility \"show commandtree\" CLI command zlog_hexdump() for debugging allow caller to provide prefix storage in sockunion2hostprefix reduce strcmp in CLI hot paths fix optional arguments with description interactions constify sockunion api don\'t have log functions change errno fix: bookkeeping for libreadline malloc()s duplicate variable name in smux.c and vty.c Free Pointer dereference in lib/filter.c POSIX capabilities on SunOS platforms \"reduce strcmp in CLI\" fallout \"sockunion: add hash function\" for BSD vrf_bitmap leak in zclient_free() hide internal prefix list structures make prefix2str simpler to use, and use it in zclient make sockunion2str safer to use memory reporting fails over 2GB move the interface list into \"struct vrf\" display more info if cap_set_proc fails. don\'t use CAP_NET_BROADCAST remove unused \'show memory XXX\' functionality silence type range warning in macro straighten out ORF prefix list support stream: fix stream sanity checks treat realloc of null pointer as alloc Now use zalloc rather than alloc with null. Fixes issue seen in bgp check tests. use const consistently for zserv path vrf: enable / disable a VRF vty: add separate output fd support to VTYs add vty_stdio() add vty_stdio at-close hook don\'t clear output buffer on input EOF put stdin in raw mode for vty reduce unneccessary C extension usage support multiple VRFs by using linux netns add trivial work_queue_is_scheduled helper wrong #define used for IPV6_MINHOPCOUNT zclient: can overflow (struct interface) hw_addr if zebra is evil consolidate error reporting for zclient_read_header add \"vrf_id\" into the \"struct interface\" move \"struct vrf\" to be a lib module unify link layer type and hardware address handling configure an interface in non-default VRF ospf6d: fix for fast OSPF convergence fix pointer arithmetic warning fix uninitialized warning in SNMP oi->cost is uint32, not short use existing union, avoid strict-aliasing ospfd: add missing unlock for ospf_interface_address_delete() extend \'ip ospf area\' to take address argument + rationalise ospf enable fast OSPF convergence fix bug in 94266fa822ba, nbr_self rebuild didn\'t add valid nbr_self fix for \'no\' + \'debug command\' does not disable \'debug command\' fix unused warning in ospf_write impl. per interface \'ip ospf area\' command lower the default OSPF spf timers to \'0 50 5000\' make ospf_passive_interface_update calls friendly to static analysis move route_unlock_node() in ospf_ase_incremental_update() ospf_ase.c, external_lsa locking fixes. ospf_ls_upd_send() add missing unlock. ospf_nbr_nbma_set()/ospf_snmp_vl_add() add unlock PointToPoint neighbors are identified by router ID remove another odd flooding hack in opaque LSA code remove HAVE_OPAQUE_LSA and HAVE_OSPF_TE remove the blocking of opaque LSAs origination and flooding \'optimisation\' self nbrs needs to be rebuilt when router ID changes. split up network interface enable a bit, for per-interface area cmd trap on state change seems to send incorrect value for ospfNbrState use route_node_lookup() instaed of route_node_get() pimd: add ability to set DR Priority for an interface add knowledge of different packet types add support for configuring multicast static routes assert when no route to source from a new igmp join cast ioctl values when printing them cast to sockaddr_in to sockaddr change ioctl call failure from vty_out to zlog_warn cleanup interface startup cleanup zebra debugs to be protected by debug commands create ability to modify hell and hold timers per interface do not display some default values as part of a show run ensure new generation_id is different from previous fix first DR Election, leaked fd, out of tree build, size_t zlog_err format string warning limit pim hello log messages mask unused zclient_broken() notice when we receive a packet type we can\'t handle yet stop DR election on every hello use IPPROTO_IP (not SOL_IP) for IP_PKTINFO \'show debugging\' collision ripngd: add ECMP support allow to enable/disable the ECMP feature sockopt: add support for querying tcp round-trip-time sockunion: add accessors for sockunion address add hash function solaris: create ioctl_solaris.h drop duplicate __EXTENSION__ define more warnings fixed no ROUNDUP tests: add CLI dummy command-exec tool add more AS4 capability tests + little fixes for couple of GR test cases. add testcli reference in/out & do DejaGNU vrf: add a runtime check before playing with netns vtysh: add missing show thread/work-queues commands adjust bad_cli_stomps in extract.pl.in to reflect fixes & fix build allow display of individual daemons configs allow --with-libpam to build with --enable-werror don\'t use \'\\0\' as NULL drop unused variables & RETSIGTYPE fix Quagga.conf file read in. fix the fix for babeld removal when the config file is close to the boundry of size of buffer vtysh hangs. hook up bgp ENCAP and VPNv6 CLI node fixup of history handling reduce unneccessary C extension usage support multiple VRFs by using linux netns configure an interface in non-default VRF zebra: fix struct/pointer sizeof mixups add \"vrf_id\" into the \"struct interface\" move \"struct vrf\" to be a lib module unify link layer type and hardware address handling configure an interface in non-default VRF add hooks upon enabling / disabling a VRF additional redistribute related logging atomic FIB updates clean up misc_null pragmas, RTADV define configure static routes in any VRF don\'t print uninitialized string fix: addr sent in ZEBRA_IPV6_NEXTHOP_LOOKUP build with rtadv disabled change of distance on ipv6 route creating duplicate routes leaked sockets in rtadv.c NetBSD interface stats printf non usage of VRF_DEFAULT route deletion on
*BSD rtadv detection, check for non-glibc linux VRF code for
*BSD implement per-route mtu handling let FIB stand for its respective VRF let the route-map rule \"match interface\" work for VRFs the netlink sockets work per VRF lookup the address in all VRFs when set the route-map rule \"set src\" maintain RTADV and router-id per VRF make RTF_LLINFO optional to fix FreeBSD make ZEBRA_FLAG_CHANGED internal status remove HAVE_IPV6 from rib.h and zebra_rib.c remove metric from kernel rib->nexthop_num is double incremented show interfaces in a specified VRF or all VRFs show routes in a specified VRF or all VRFs silence zebra_serv_un unused warning simplify redistribution code support FIB override routes use link scope for interface routes use prefix2str for logging where possible use SA_SIZE for RT_ROUNDUP on FreeBSD use prefix2str and unify show ip/ipv6 route code wire up \"debug zebra packet detail\"
* Sat Oct 17 2015 mrueckertAATTsuse.de- run systemd-tmpfiles in %post to get the directory set up.
* Sat Mar 21 2015 p.drouandAATTgmail.com- Fix build for openSUSE 13.1/SLE12
* Sat Mar 14 2015 p.drouandAATTgmail.com- Update to version 0.99.24.1
* zebra: don\'t print uninitialized string (3b02fe8) This crept in as part of the MRIB improvements and I missed the compiler warning between other noise. Unfortunately, printing an uninitialised variable can in fact make zebra crash, so this is not trivial.- Use systemd for openSUSE > 12.3- Add patch from Fedora
* 0001-systemd-change-the-WantedBy-target.patch
* Wed Jul 30 2014 sfalkenAATTopensuse.org- Update to 0.99.23 See http://savannah.spinellicreations.com//quagga/quagga-0.99.23.changelog.txt minor fixes: bgpd: Fix condition allowas-in in rsclient code support TTL-security with iBGP, factor out TTL setting factor out eBGP multihop check fix fast external fallover behavior increase TCP socket buffer size fix O_NONBLOCK on outgoing send notify in OpenSent when stopping manually display multipath status in \"show ip bgp\" track correct originator-id in reflected routes add \'bgp bestpath as-path multipath-relax\' fix crash when allowas-in is done on inactive peer efficient NLRI packing for AFs != ipv4-unicast don\'t compare next-hop to router-id use ATTR_FLAG_BIT() for BGP_ATTR_ values fix some DEFUN definitions bgpd-set-v4-nexthop-for-v6-peering.patch support NEXTHOP_IPV4_IFINDEX in bgp import check honor PEER_FLAG_DISABLE_CONNECTED_CHECK on bgp_scan write NOTIFY non-blockingly prevent double address delete on shutdown stricter packet handling in OpenSent fix lost passwords of grouped neighbors
* : nuke ^L (page feed) isisd: ignore the unrecognized TLVs ripd: fix \"show ip rip status\" documentation avoid the zero interface metric correctly redistribute ifindex routes (BZ#664) zebra: raise the privileges before calling socket() Change the mechanism for comparing route ID\'s. fix some DEFUN definitions apply syntactic sugar to rib_dump() set metric for directly connected routes via netlink to 0 log routes w/o gateway in rib_delete_ipv4 match gateway when deleting NEXTHOP_IPV4_IFINDEX routes make rib_dump() compatible with IPv6 RIB apply route-maps for interface routes fix recursive-routes via ifindex routes implement NEXTHOP_FLAG_ONLINK handle blackholes encountered in recursive resolution rework recursive route resolution improve interface shutdown behaviour don\'t change connected state from zebra/interface.c add ZEBRA_IFC_QUEUED to keep track of kernel state warn if advertising connected with _REAL unset consolidate connected_implicit_withdraw clear ZEBRA_IFC_CONFIGURED on \"no ipv6 addr\" make if_subnet_delete a bit more strict process information about new addresses (BZ#486)` support NEXTHOP_IPV4_IFINDEX in bgp import check improve display of NEXTHOP_IPV4_IFINDEX in show ip route don\'t printf to stdout on ZEBRA_IPV6_NEXTHOP_LOOKU use SO_RCVBUFFORCE for netlink socket ospfd: add debug messages for router lsa-generation For an ABR, ensure the right LSID is MaxAge\'d clarify indentation and comments in ospf_lsa_maxage_delete fix a reference counting issue introduced by commit 4de8bf0011 check the LS-Ack\'s recentness instead of only comparing the #seq don\'t allow to set network type on loopback interfaces run DR election prior to LSA regeneration ospfd/ospf_vty.c: use keyword cmd style fix some DEFUN definitions fixup log message in ospf_zebra_delete refactor some common defines protect vs. VU#229804 (malformed Router-LSA) CVE-2013-2236, stack overrun in apiserver fix flooding procedure make ospf_maxage_lsa_remover actually yield restore nexthop IP for p2p interfaces fix LSA initialization for build without opaque LSA lib: use heap to manage timers remove unused thread_master_debug function lib/command.c: rewrite command matching/parsing fix possible off-by-one in stream_put_prefix() fix for dynamically grown hashes fix backtraces broken by 837d16c... unconditionally include stddef.h register vtysh socket in server socket vector (BZ#754) ospf6d: fix refcounting in ospf6_asbr_lsa_remove add \"auto-cost reference-bandwidth\" command compute interface cost from its bandwidth solve segfaults with ospf6d on FreeBSD Merge volatile/cumulus_ospf6d fix interface_down() stopping hellos clear lsa->refresh before clearing LSAs handle missing link local address more gracefully improve ordered shutdown clear DR info on interface_down set cmsg size correctly don\'t run DR election early on \"ipv6 ospf6 priority\" fix integrated config add SPF logs, statistics, and display of SPF parameters add \'log-adjacency-changes [detail]\' don\'t send LSAck on an interface if we\'ve flooded the LSU out that i/f handle Prefix and Router Options bits correctly add LSA payload to show summary output increment dbdesc seqnum on SeqNumberMismatch/BadLsReq event don\'t change SeqNum on initial DbDesc message handle seqnum wrapping add overload support fix linkdown handling correct nexthop through directly connected networks don\'t suppress empty router LSA turn off expensive debugging convert LSDB to use route_node, improve performance fix neighbor state machine (faster lsdb sync, RFC compliance) add p2p interface support fix various bugs in installing and flooding LSAs add more details to show ipv6 ospf6 data enable the commands to support detailed debugging of LSAs. remove older version of LSA from neigbor retx list before prematurely aging it. schedule SPF to run on events rather than directly on each event. refactor some common defines security: Fix some typos and potential NULL-deref tests: Add tests for timers add a test program for lib/command.c DejaGNU libzebra bgpd add DejaGNU framework vtysh: don\'t append superflous spaces (BZ#750) fix false lib path matching in extract.pl.in doc: Modernize INSTALL.quagga.txt. update TODO for ospf6d work & bgp multipath add OSPFv3 homenet to TODO hash: dynamically grow hash table force size to be a power of 2 guile: remove build issues: lib: remove redundant and incorrect sys/fcntl.h include vtysh: fix build against readline 6.3 tests: fix build & disable testcommands don\'t build tests unless make check is run fix Makefile.am so it works with BSD make make --disable-bgpd kill bgpd tests too build: remove now-useless --{en, dis}able-tests improve backtrace support/detection reference libcap from libzebra (BZ#393,626) fix minimal mixup in gitinfo suffix Update supported versions. update quagga.spec.in isisd: use bug-report information from autoconf ospf6d: use bug-report information from autoconf doc: fix makeinfo errors and one warning
* Wed Jul 30 2014 sfalkenAATTopensuse.org- Updated to 0.99.23 Changed /var/run to /run in .spec file in order to fix rpmlint check failure in Factory Added: quagga-0.99.23.tar.xz quagga-0.99.23.tar.asc Deleted: quagga-0.99.22.1.tar.gz quagga-0.99.22.1.tar.asc
* Wed Jul 17 2013 meissnerAATTsuse.com- fixed source url, added tar.asc and keyring url (unchecked)
* Wed Jul 17 2013 boyangAATTsuse.com- Add return value for table_test.c.
* Fri Apr 19 2013 boyangAATTsuse.com- Update to 0.99.22.1 major regressions: ospfd: restore nexthop IP for p2p interfaces minor fixes: bgpd: fix lost passwords of grouped neighbors lib/vty: register vtysh socket in server socket vector (BZ#754) ospfd: fix LSA initialization for build without opaque LSA ripd: correctly redistribute ifindex routes (BZ#664) build issues: build: fix minimal mixup in gitinfo suffix build: reference libcap from libzebra (BZ#393,626) build: update quagga.spec.in doc: fix makeinfo errors and one warning tests: make --disable-bgpd kill bgpd tests too vtysh: fix false lib path matching in extract.pl.in
* Wed Sep 12 2012 cooloAATTsuse.com- add makeinfo as explicit buildrequire
* Thu Aug 09 2012 mrueckertAATTsuse.de- Update to 0.99.21 There are some major user-visible changes: [bgpd] BGP multipath support has been merged [bgpd] SAFI (Multicast topology) support has been extended to propagate the topology to zebra. [bgpd] AS path limit functionality has been removed [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing protocol has been merged. [isisd] a major overhaul has been picked up. Please note that isisd is STILL NOT SUITABLE FOR PRODUCTION USE. [
*] a lot of bugs have been fixed, please refer to the git log The number of bugfixes and changes in this release is quite large at 446 commits, though some commits are counted twice due to a merge of Denis Ovsienko\'s RE branch some time ago. (Previous releases had around 50 commits each.)- additional changes from 0.99.20.1 This is a security-fix release that addresses 3 pending CVEs, one in bgpd and two in ospfd. The CVEs will be linked once released.- added quagga-0.99.21_isis_undefined_operations.patch: fix compiler warning about undefined operations- a47c5838e9f445ab887ad927706b11ccbb181364.patch Fix typo in isis topology code. Taken from git.- drop quagga-0.99.20-fix-bgpd-attr-memleak.patch: Included upstream- added options to build tcp-zebra, irdp and pcre: all enabled by default pcre change might cause problems in edge cases with bgp new buildrequires: pcre-devel- added option to build with isis and isis-topology: disabled by default
* Tue Dec 06 2011 oliproAATT8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa- Update package to quagga-0.99.20, remove stale patches. added upstream patch to resolve a bgpd memleak
* Wed Nov 23 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Mon Sep 19 2011 boyangAATTsuse.com- DoS while decoding EXTENDED_COMMUNITIES in Quagga\'s BGP [bnc#718062]
* Mon Sep 19 2011 boyangAATTsuse.com- OSPFD DoS while decoding Link State Update [bnc#718061]
* Mon Sep 19 2011 boyangAATTsuse.com- OSPFD DoS while decoding Hello packet [bnc#718059]
* Mon Sep 19 2011 boyangAATTsuse.com- OSPF6D DoS while decoding Database Description packet [bnc#718058]
* Mon Sep 19 2011 boyangAATTsuse.com- OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa [bnc#718056]
* Thu Jun 02 2011 boyangAATTnovell.com- Fix bnc#680499, zebro and ripd won\'t start [bnc#680499]
* Wed Feb 23 2011 prusnakAATTopensuse.org- fix CVE-2010-1674 and CVE-2010-1675 [bnc#654270]
* Tue Nov 09 2010 prusnakAATTopensuse.org- mark /var/run/quagga as ghost, create it in initscript [Fate#303793]
* Tue Nov 09 2010 prusnakAATTopensuse.org- updated to 0.99.17 - fixes [bnc#634300] bgpd: fix handling of AS path data tighten bounds checking in RR ORF msg reader ospfd: Only refresh external default route once. Make sure ospf_distribute_list_update_timer() eventually runs. Make sure all external routes are updated. zebra: fix infinite loop when deleting an interface ospf6d: Fix crash when \'[no] ipv6 ospf6 advertise prefix-list\' is in startup-config isisd: change ISIS_METHOD to use C preprocessor other: build: ignore mkinstalldirs and texinfo.tex build: Add QuaggaId to README.NetBSD build/extra: Enhance README.NetBSD make/gmake decision. git: add pointers to out-of-tree work git: add (generated) m4 files to .gitignore Update for git and emphasize asking for good reports. doc: fixed spelling in bgpd.texi
* Tue Nov 09 2010 prusnakAATTopensuse.org- updated to 0.99.16 bgpd: use monotonic clock for time of day code cleanup compile warnings cleanup work around warning in assegments_parse() ospfd: fix debug messages that were masked by DISCARD_LSA remove unneeded memset from a very hot function VTY strings cleanup comment out unused function make local functions static enable more OSPF cost command aliases lib: fix memory logging make some structures constant move check_bit into prefix common code fix warning on little endian make match functions take const args remove unused function: route_dump_node() log source of vty connections (bug #566) zebra: change router-id selection algo deal with irdp compile warnings cleanup RIB meta queue code fix more warnings in rtadv fix more compiler warnings remove unused function to fix warning handle RTF_CLONING removal from FreeBSD 8.0 fix argument reference in strncpy() call for BSD fix RIB debug message for IPv6 make declaration const in rtm_flag_dump() fix router advertisements for non-Ethernet link layer addresses ospf6d: remove dead code fix warnings from recent prefix bit commit review LSA sequence number comparison fix LSA locking in ospf6_new_ls_id() other: ripd: fix compiler warnings ripngd: compiler warnings cleanup isisd: fix --enable-isis-topology for 64-bit Linux isisd: fix BPF ioctl() calls, treat \"true\" and \"false\" as reserved configure: fix spelling configure: fix HAVE_CLOCK_MONOTONIC spelling
* Thu Dec 03 2009 prusnakAATTsuse.cz- updated to 0.99.15
* bgpd: fix md5 set on listen sockets missing pieces from listener patch Workaround for invalid MBGP next hop Allow inbound connections to non-default view fd leak in bgpd Delete AS_CONFED_SEQUENCE when prepending an AS_SEQUENCE type segment Implement BGP confederation error handling (RFC5065, Par. 5) start listener on first instance peer action table static/const Restore ability of \'neighbor ... update-source\' to take interface name
* ospfd: Make sure priority is respected. Tighten up the connected check for redistribution fix performance problem with redistribute delete Make sure route table is recalculated. Make \"Packet ... received on wrong link\" conditional on debug Change struct ospf_path
*oi to ifindex. Discriminate better when selecting links between vertices in SPF Make ospf_if_lookup_recv_if() find the right unnumbered i/f export ospf_if_table_lookup() and use it in ospf_network_run_interface()
* ospf6d: bug #529, fix endianness problem in earlier commit
* ripd: set IP TOS for control socket
* zebra: do not touch socket before pidfile locking
* doc: zebra.8 via Christian Hammers (#531)
* Wed Aug 05 2009 prusnakAATTsuse.cz- updated to 0.99.14
* lib: Fix IPv6 normalisation Allow for large-file support, e.g. for log files >2GB
* zebra: Silence noisy process_subq RFC 4191 Default Router Preference support for router advertisements linux policy routing support with ipv6 Static route does not reach kernel.
* bgpd: Fix nexthop reachability check on confederations fix typo made by paul in previous commit Avoid zombie accepted peer entries Small buffer overrun in bgp_clear_node_queue_init Stability fixes including bugs 397, 492 Fix compiler warnings related to MD5 Bug #533: Fix crash with copy/pasted commands, inc \'no bgp ...\' Log a debug/update warning if filters are configured but don\'t exist Add \'show ip bgp view WORD neighbors IP (advertised|received)-routes\' review 32-bit AS-path hotfix for 0.99.12 Fix \"show ip bgp dampened-paths\" garbage output. Fixes to RFC2385/MD5 BGP
* ospfd: Do not use stale Network/Router LSAs compare ifIndex too when matching paths external LSA route_unlock_node() fixes Fix a few LSA performance \"bugs\" discount IP header size from a new LSA pkt cancel OSPF timer hack in nsm_change_state
* ospf6d: Fix regression in monotonic time patch - LSA max-aging broke
* vtysh: Save vtysh history to a file Fix vtysh based \"write term\" output.
* doc: Add \"--disable-doc\" to configure
* Wed Jul 15 2009 prusnakAATTsuse.cz- updated to 0.99.13
* build: [configure] fix check for GNU awk/gawk to abort ./configure if missing [configure] add configure support for PCRE Posix library [configure] Detect support for monotonic clock
* zebra: [zebra] Force rib_update when connected route deleted [zebra] Only announce connected routes if link is detected [zebra] MTU is unsigned [zebra] remove incorrect debug message [zebra] Cleanup meta-queue code [zebra] netlink interface minor cleanup [zebra] Fix vyatta bug 2814: Add \"show ip route summary\" command.
* bgpd: [bgpd] Fix \'update-source\' command: It doesn\'t accept interface names [bgpd] reference count the BGP instance [bgpd] Add support for the old Linux 2.4, TCP_MD5_AUTH RFC2385 patch [bgpd] Fixed as-path prepend/exclude ASN handling [bgp] Fix crash on SIGHUP, deref of freed workqueues [bgpd] 64-bit bugfix in community_del_val
* ospfd: [ospfd] Fix OSPF route refcount leak [ospfd] fix vty ospfd no ospf abr-type standard
* ospf6d: Convert ospf6d over to quagga_gettime() wrappers. [ospf6d] Remove \'no router\' from OSPF6_NODE [ospf6d] Fix ospf6d crash if removing interface with no area [ospf6d] Fix ospf6d crash in show border routers [ospf6] Add no router ospf6 [ospf6d] Fix ospf6d crash if range defined twice
* ripd: [ripd] Ignore non-running interfaces in rip status [ripd] Fix metrix in call to rip_zebra_ipv4_delete
* vtysh: [vtysh] Add a --noerror option [vtysh] Return non-zero exit code on error. [vtysh] Make vtysh more useable for scripting [vtysh] Force line buffered mode.
* misc: [daemons/cleanup] Remove disabled log_mode argument support. [lib] Put symbolic backtrace on system log [lib] sockopt_tcp_signature: sin6 requires HAVE_IPV6 [smux] 64-bit fix for lib/smux.h SNMP_INTEGER() macro
* Wed May 13 2009 prusnakAATTsuse.cz- updated to 0.99.12
* bgpd: Fix bgp ipv4/ipv6 accept handling [bgpd] AS4 bugfix by Chris Caputo [bgpd] Add \'show bgp views\' command [bgpd] Allow accepted peers to progress even if realpeer is in Connect
* ospfd: [lib] Move type cast in Fletcher checksum [lib] Switch Fletcher checksum back to old ospfd version Justified OSPF cost function names and added support for: ospf cost <1-65535> A.B.C.D no ospf cost <1-65535>
* library: [lib] Fix timer precision. [lib] fix missing sockunion_normalise_mapped
* vtysh: [vtysh] Add commands from zebra_routemap.c to vtysh
* misc: [build] tools/multiple-bgpd.sh should be in \'make dist\'- added logrotate to Recommends- removed obsoleted patches:
* bgpd-asn-dos.patch (mainline)
* Thu May 07 2009 prusnakAATTsuse.cz- fixed crash (DoS) in BGP daemon via an ASN elements (bgpd-asn-dos.patch) [bnc#500540]