Changelog for
quagga-devel-1.2.4-89.386.i586.rpm :
* Fri Nov 11 2022 Marius Tomaschewski
- Remove attempts to correct configuration file ownership and permissions in service files, that may lead to local privilege escalation from quagga to root (bsc#1191890,CVE-2021-44038). [+ remove-chown-chmod.service.patch]- Correct hardening patches adding ReadWritePaths=/etc/quagga- Add update-messages that quagga is not developed for years, is about to get dropped from Factory/Tumbleweed soon and users should migrate to FRR (https://frrouting.org/).
* Thu Sep 01 2022 Stefan Schubert - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update.
* Wed Jun 29 2022 Stefan Schubert - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d.
* Thu Oct 21 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_bgpd.service.patch
* harden_isisd.service.patch
* harden_ospf6d.service.patch
* harden_ospfd.service.patch
* harden_ripd.service.patch
* harden_ripngd.service.patch
* harden_zebra.service.patch
* Fri Apr 09 2021 Cristian RodrÃguez - Avoid using libpcre-posix, which is intended for systems without a working regex.h, symbols clash with libc and undefined behaviour may ensue.
* Fri Apr 26 2019 mvetterAATTsuse.com- bsc#1130588: Require shadow instead of old pwdutils
* Wed Nov 14 2018 mardnhAATTgmx.de- Update to version 1.2.4 Bugfix release See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.4.changelog.txt for complete changelog.- Update to version 1.2.3 Bugfix and security release See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.3.changelog.txt for complete changelog.
* Security related changes: + Fixes CVE-2018-5278 + Fixes CVE-2018-5279 + Fixes CVE-2018-5280 + Fixes CVE-2018-5281- Update to version 1.2.2 Bugfix and security release See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.2.changelog.txt for complete changelog.
* Security related changes: + Fixes CVE-2017-16227- Update to version 1.2.1 Bugfix release See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.1.changelog.txt for complete changelog.- Update to version 1.2.0 Bugfix release See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.0.changelog.txt for complete changelog.- Rebase patch:
* 0001-systemd-change-the-WantedBy-target.patch- Removed patches (fixed upstream):
* Quagga-2018-0543-bgpd.bsc1079798.patch
* Quagga-2018-1114-bgpd.bsc1079799.patch
* Quagga-2018-1550-bgpd-bsc1079800.patch
* Quagga-2018-1975-bdpd.bsc1079801.patch
* quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch
* Fri Feb 09 2018 mtAATTsuse.de- Applied security fix for bgpd DoS via specially crafted BGP UPDATE messages (CVE-2017-16227,bsc#1065641) [+ quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch]- Applied security fix for bgpd bounds check issue via attribute length (CVE-2018-5378,Quagga-2018-0543,bsc#1079798) [+ Quagga-2018-0543-bgpd.bsc1079798.patch]- Applied security fix for bgpd double free when processing UPDATE message (CVE-2018-5379,Quagga-2018-1114,bsc#1079799) [+ Quagga-2018-1114-bgpd.bsc1079799.patch]- Applied security fix for bgpd code-to-string conversion tables overrun (CVE-2018-5380,Quagga-2018-1550,bsc#1079800) [+ Quagga-2018-1550-bgpd-bsc1079800.patch]- Applied security fix for bgpd infinite loop on certain invalid OPEN messages (CVE-2018-5381,Quagga-2018-1975,bsc#1079801) [+ Quagga-2018-1975-bdpd.bsc1079801.patch]
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Tue Apr 11 2017 mtAATTsuse.de- Disabled passwords in default zebra.conf config file, causing to disable vty telnet interface by default. The vty interface is available via \"vtysh\" utility using pam authentication to permit management access for root without password (bsc#1021669).- Changed owner of /etc/quagga to quagga:quagga to permit to manage quagga via vty interface.
