SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libfrr0-7.4-lp154.4.28.1.x86_64.rpm :

* Thu Jun 13 2024 Marius Tomaschewski - Apply upstream fix for an nlri length of zero mishandling, aka \"flowspec overflow\" (CVE-2023-38406,bsc#1216900,gh#FRRouting/frr#12884) [+ 0021-bgpd-Flowspec-overflow-issue.patch]- Apply upstream fix for a crash on malformed BGP UPDATE message with an EOR, because the presence of EOR does not lead to a treat-as-withdraw outcome (CVE-2023-47235,bsc#1216896, gh#FRRouting/frr#14716) [+ 0018-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch]- Apply upstream fix for a crash on crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (CVE-2023-47234, bsc#1216897,gh#FRRouting/frr#14716) [+ 0019-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch]- Apply upstream fix for attempts to read beyond the end of the stream during labeled unicast parsing (CVE-2023-38407,bsc#1216899, gh#FRRouting/frr#12956) [+ 0020-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch]
* Thu Apr 11 2024 Clemens Famulla-Conrad - Apply upstream fix on error handling when receiving BGP Prefix SID attribute (bsc#1222518,CVE-2024-31948,gh#FRRouting/frr#15628) [+ 0017-bgpd-fix-error-handling-when-receiving-BGP-prefix-SID.patch]
* Mon Oct 30 2023 Marius Tomaschewski - Apply upstream fix for a crash due to a crafted BGP UPDATE message (CVE-2023-46753,bsc#1216626,https://github.com/FRRouting/frr/pull/14655/commits/21418d64af11553c402f932b0311c812d98ac3e4). [+ 0015-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch]- Apply upstream fix for a crash due to mishandled malformed MP_REACH_NLRI data (CVE-2023-46752,bsc#1216627,https://github.com/FRRouting/frr/pull/14645/commits/b08afc81c60607a4f736f418f2e3eb06087f1a35). [+ 0016-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch]
* Tue Sep 12 2023 Marius Tomaschewski - Apply upstream fix for NULL pointer dereference due to processing of malformed requests with no attributes in bgp_nlri_parse_flowspec (CVE-2023-41909,bsc#1215065,https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8). [+ 0014-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch]
* Fri Sep 01 2023 Marius Tomaschewski - Removed protobuf-c BuildRequires (source package name) breaking build-system setup with libprotobuf-c-devel 1.3.2 updates.- Apply upstream fix for bgpd: Do not process NLRIs if the attribute length is zero (CVE-2023-41358,bsc#1214735, https://github.com/FRRouting/frr/pull/14260) [+ 0012-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch]- Apply upstream fix bgpd: Use treat-as-withdraw for tunnel encapsulation attribute instead of session reset (CVE-2023-38802,bsc#1213284, https://github.com/FRRouting/frr/pull/14290) [+ 0013-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch]
* Wed Nov 02 2022 Marius Tomaschewski - Applied upstream fix for a possible use-after-free due to a race condition related to bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets (CVE-2022-37035,bsc#1202085). [+ 0011-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch]- Apply upstream fixes for frrinit.sh to avoid a privilege escalation from frr to root in frr config creation (bsc#1204124,CVE-2022-42917). [+ 0009-tools-Use-install-instead-of-touch-chown-combination.patch, + 0010-tools-Run-as-FRR_USER-install-chown-commands-to-avoi.patch]
* Mon Sep 05 2022 Marius Tomaschewski - Apply upstream fix for out-of-bounds read in the BGP daemon that may lead to information disclosure or denial of service (bsc#1202023,CVE-2022-37032) [+ 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch]- Apply upstream fix for a memory leak in the IS-IS daemon that may lead to server memory exhaustion (bsc#1202022,CVE-2019-25074) [+ 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch]
* Mon Mar 07 2022 Marius Tomaschewski - Apply backport fix for a buffer overflow in isisd due to the use of strdup with a non-zero-terminated binary string (bsc#1196506,CVE-2022-26126) [+ 0006-isisd-fix-10505-using-base64-encoding.patch]- Apply backport fix for a buffer overflow in isisd due to wrong checks on the input packet length (bsc#1196505,CVE-2022-26125) with workaround for the GIT binary patch to tests/isisd/test_fuzz_isis_tlv_tests.h.gz [+ 0005-isisd-fix-router-capability-TLV-parsing-issues.patch]- Apply fix for a buffer overflow in babeld due to wrong checks on the input packet length in the packet_examin and subtlv parsing (bsc#1196504,bsc#1196507,CVE-2022-26128,CVE-2022-26129) [+ 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch]- Apply fix for a heap buffer overflow in babeld due to missing check on the input packet length (bsc#1196503,CVE-2022-26127) [+ 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch]
* Fri Apr 23 2021 Marius Tomaschewski - Use skip, not xfail in 0001-disable-zmq-test.patch to disable zmq test as it is not expected to fail but hangs (bsc#1180217)
* Mon Dec 21 2020 Rubén Torrero Marijnissen - Disable ZeroMQ tests due to sporadic timeouts during package builds (bsc#1180217) [+ 0001-disable-zmq-test.patch]
* Fri Oct 02 2020 Marius Tomaschewski - add build condition disabling mininet build require by default, needed by the optional topology tests.- removed one occurrence of vrrpd binary listed twice in file list
* Wed Jul 01 2020 Martin Hauke - Update to version 7.4
* Upstream does not provide a changelog- Drop patch (fixed upstream):
* 0001-build-use-configfile-mode-in-init-script.patch
* Sun May 31 2020 Erico Mendonca - 0001-build-use-configfile-mode-in-init-script.patch: Fix CVE-2020-12831 (boo#1171658).
* Wed May 06 2020 Martin Hauke - Update to version 7.3.1 Bugfix/maintenance release
* Upstream does not provide a changelog
* Tue Apr 07 2020 Marcus Rueckert - enable verbose make rules- enable grpc support. new subpackage libfrrgrpc_pb0, new BR: pkgconfig(grpc)- enable config rollbacks. new BR: pkgconfig(sqlite3)- enable realms support- enable shell access- make sure we use system openssl- fix shebang line of the frr-reload.py and generate_support_bundle.py script so we dont pull python2- do not delete users and groups.- add Requires for libyang-extentions
* Sat Feb 15 2020 Martin Hauke - Update to version 7.3
* Upstream does not provide a changelog this time- Remove patch:
* fix_tests.patch (not longer needed)
* Sat Jan 18 2020 Martin Hauke - Update to version 7.2.1: BGPd
* Fix Addpath issue
* Do not apply eBGP policy for iBGP peers
* Show ip and fqdn in json output for show [ip] bgp json
* Fix large route-distinguisher\'s format
* Fix no bgp listen range ... configuration command
* Autocomplete neighbor for clear bgp
* Reflect the distance in RIB when it is changed for an arbitrary afi/safi
* Notify \"Peer De-configured\" after entering \'no neighbor cmd
* Fix per afi/safi addpath peer counting
* Rework BGP dampening to be per AFI/SAFI
* Do not send next-hop as :: in MP_REACH_NLRI if no link-local exists
* Override peer\'s TTL only if peer-group is configured with TTL
* Remove error message for unkown afi/safi combination
* Keep the session down if maximum-prefix is reached OSPFd
* Fix BFD down not tearing down OSPF adjacency for point-to-point net BFDd
* Fix multiple VRF handling
* VRF security improvement PIMd
* Fix rp crash NHRPd
* Make sure no ip nhrp map works as expected LDPd
* Add missing sanity check in the parsing of label messages Zebra
* Use correct state when installing evpn macs
* Capture dplane plugin flags lib
* Fix interface config when vrf changes
* Fix Interface Infinite Loop Walk (for special interfaces such as bond) Others
* Rename man pages (to avoid conflicts with other packages)
* Various other fixes for code cleanup and memory leaks
* Fri Jan 17 2020 Martin Hauke - Fix license tag
* Wed Jan 15 2020 Martin Hauke - Build with support for pcre, protobuf, rpki and zeromq by default
* Wed Jan 15 2020 Ismail Dönmez - Cleanup spec file
* Sun Jan 12 2020 Martin Hauke - Fix build-time dependencies- Remove superflous comments
* Wed Dec 11 2019 Erico Mendonca - fix_tests.patch: correct syntax for Python 3 imports in tests.- Enabling tests
* Wed Dec 11 2019 erico.mendoncaAATTsuse.com- Update to version frr7.2:
* zebra: use correct state when installing evpn macs
* lib: set entry to xpath in if_update_to_new_vrf
* zebra: capture dplane plugin flags
* bgpd: Autocomplete neighbor for clear bgp
* ospfd,eigrpd: don\'t take address of packed struct member
* bgpd: Prevent crash in bgp_table_range_lookup
* bgpd: Fix memory leak in json output of show commands
* tests: Test if `distance bgp (1-255) (1-255) (1-255)` works
* bgpd: Reflect the distance in RIB when it is changed for an arbitrary afi/safi
* bfdd: fix multiple VRF handling
* Tue Dec 10 2019 Erico Mendonca - Updating to version 7.2- Adding systemd scripts- Fixing build and permission issues
* Tue Jun 18 2019 Martin Hauke - Update to version 7.0.1
* Sat Feb 02 2019 mardnhAATTgmx.de- Initial package, version 6.0.2
  
ICM