File frr.changes of Package frr.26974
-------------------------------------------------------------------
Wed Nov 2 11:47:48 UTC 2022 - Marius Tomaschewski <mt@suse.com>
- Applied upstream fix for a possible use-after-free due to a race
condition related to bgp_notify_send_with_data() and
bgp_process_packet() in bgp_packet.c. This could lead to Remote
Code Execution or Information Disclosure by sending crafted BGP
packets (CVE-2022-37035,bsc#1202085).
[+ 0011-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch]
- Apply upstream fixes for frrinit.sh to avoid a privilege escalation
from frr to root in frr config creation (bsc#1204124,CVE-2022-42917).
[+ 0009-tools-Use-install-instead-of-touch-chown-combination.patch,
+ 0010-tools-Run-as-FRR_USER-install-chown-commands-to-avoi.patch]
-------------------------------------------------------------------
Mon Sep 5 11:48:25 UTC 2022 - Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for out-of-bounds read in the BGP daemon
that may lead to information disclosure or denial of service
(bsc#1202023,CVE-2022-37032)
[+ 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch]
- Apply upstream fix for a memory leak in the IS-IS daemon that
may lead to server memory exhaustion (bsc#1202022,CVE-2019-25074)
[+ 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch]
-------------------------------------------------------------------
Mon Mar 7 17:07:49 UTC 2022 - Marius Tomaschewski <mt@suse.com>
- Apply backport fix for a buffer overflow in isisd due to the use of strdup
with a non-zero-terminated binary string (bsc#1196506,CVE-2022-26126)
[+ 0006-isisd-fix-10505-using-base64-encoding.patch]
- Apply backport fix for a buffer overflow in isisd due to wrong checks on
the input packet length (bsc#1196505,CVE-2022-26125) with workaround
for the GIT binary patch to tests/isisd/test_fuzz_isis_tlv_tests.h.gz
[+ 0005-isisd-fix-router-capability-TLV-parsing-issues.patch]
- Apply fix for a buffer overflow in babeld due to wrong checks on
the input packet length in the packet_examin and subtlv parsing
(bsc#1196504,bsc#1196507,CVE-2022-26128,CVE-2022-26129)
[+ 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch]
- Apply fix for a heap buffer overflow in babeld due to missing check
on the input packet length (bsc#1196503,CVE-2022-26127)
[+ 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch]
-------------------------------------------------------------------
Fri Apr 23 03:05:06 UTC 2021 - Marius Tomaschewski <mt@suse.com>
- Use skip, not xfail in 0001-disable-zmq-test.patch to disable
zmq test as it is not expected to fail but hangs (bsc#1180217)
-------------------------------------------------------------------
Mon Dec 21 16:31:44 UTC 2020 - Rubén Torrero Marijnissen <rtorreromarijnissen@suse.com>
- Disable ZeroMQ tests due to sporadic timeouts during package builds (bsc#1180217)
[+ 0001-disable-zmq-test.patch]
-------------------------------------------------------------------
Fri Oct 2 12:38:25 UTC 2020 - Marius Tomaschewski <mt@suse.com>
- add build condition disabling mininet build require by default,
needed by the optional topology tests.
- removed one occurrence of vrrpd binary listed twice in file list
-------------------------------------------------------------------
Wed Jul 1 12:21:24 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 7.4
* Upstream does not provide a changelog
- Drop patch (fixed upstream):
* 0001-build-use-configfile-mode-in-init-script.patch
-------------------------------------------------------------------
Sun May 31 22:40:46 UTC 2020 - Erico Mendonca <erico.mendonca@suse.com>
- 0001-build-use-configfile-mode-in-init-script.patch: Fix CVE-2020-12831 (boo#1171658).
-------------------------------------------------------------------
Wed May 6 16:07:32 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 7.3.1
Bugfix/maintenance release
* Upstream does not provide a changelog
-------------------------------------------------------------------
Tue Apr 7 21:38:12 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- enable verbose make rules
- enable grpc support. new subpackage libfrrgrpc_pb0, new BR:
pkgconfig(grpc)
- enable config rollbacks. new BR: pkgconfig(sqlite3)
- enable realms support
- enable shell access
- make sure we use system openssl
- fix shebang line of the frr-reload.py and
generate_support_bundle.py script so we dont pull python2
- do not delete users and groups.
- add Requires for libyang-extentions
-------------------------------------------------------------------
Sat Feb 15 21:27:22 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 7.3
* Upstream does not provide a changelog this time
- Remove patch:
* fix_tests.patch (not longer needed)
-------------------------------------------------------------------
Sat Jan 18 20:25:42 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 7.2.1:
BGPd
* Fix Addpath issue
* Do not apply eBGP policy for iBGP peers
* Show ip and fqdn in json output for show [ip] bgp <route> json
* Fix large route-distinguisher's format
* Fix no bgp listen range ... configuration command
* Autocomplete neighbor for clear bgp
* Reflect the distance in RIB when it is changed for an
arbitrary afi/safi
* Notify "Peer De-configured" after entering 'no neighbor cmd
* Fix per afi/safi addpath peer counting
* Rework BGP dampening to be per AFI/SAFI
* Do not send next-hop as :: in MP_REACH_NLRI if no link-local
exists
* Override peer's TTL only if peer-group is configured with TTL
* Remove error message for unkown afi/safi combination
* Keep the session down if maximum-prefix is reached
OSPFd
* Fix BFD down not tearing down OSPF adjacency for
point-to-point net
BFDd
* Fix multiple VRF handling
* VRF security improvement
PIMd
* Fix rp crash
NHRPd
* Make sure no ip nhrp map <something> works as expected
LDPd
* Add missing sanity check in the parsing of label messages
Zebra
* Use correct state when installing evpn macs
* Capture dplane plugin flags
lib
* Fix interface config when vrf changes
* Fix Interface Infinite Loop Walk (for special interfaces such
as bond)
Others
* Rename man pages (to avoid conflicts with other packages)
* Various other fixes for code cleanup and memory leaks
-------------------------------------------------------------------
Fri Jan 17 21:07:45 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Fix license tag
-------------------------------------------------------------------
Wed Jan 15 20:34:50 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Build with support for pcre, protobuf, rpki and zeromq by default
-------------------------------------------------------------------
Wed Jan 15 14:34:59 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Cleanup spec file
-------------------------------------------------------------------
Sun Jan 12 09:40:39 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Fix build-time dependencies
- Remove superflous comments
-------------------------------------------------------------------
Wed Dec 11 23:18:06 UTC 2019 - Erico Mendonca <erico.mendonca@suse.com>
- fix_tests.patch: correct syntax for Python 3 imports in tests.
- Enabling tests
-------------------------------------------------------------------
Wed Dec 11 02:37:42 UTC 2019 - erico.mendonca@suse.com
- Update to version frr7.2:
* zebra: use correct state when installing evpn macs
* lib: set entry to xpath in if_update_to_new_vrf
* zebra: capture dplane plugin flags
* bgpd: Autocomplete neighbor for clear bgp
* ospfd,eigrpd: don't take address of packed struct member
* bgpd: Prevent crash in bgp_table_range_lookup
* bgpd: Fix memory leak in json output of show commands
* tests: Test if `distance bgp (1-255) (1-255) (1-255)` works
* bgpd: Reflect the distance in RIB when it is changed for an arbitrary afi/safi
* bfdd: fix multiple VRF handling
-------------------------------------------------------------------
Tue Dec 10 12:58:21 UTC 2019 - Erico Mendonca <erico.mendonca@suse.com>
- Updating to version 7.2
- Adding systemd scripts
- Fixing build and permission issues
-------------------------------------------------------------------
Tue Jun 18 08:59:05 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 7.0.1
-------------------------------------------------------------------
Sat Feb 2 13:50:16 UTC 2019 - mardnh@gmx.de
- Initial package, version 6.0.2
