Revisions of frr
buildservice-autocommit
accepted
request 1204744
from
Marius Tomaschewski (mtomaschewski)
(revision 18)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 17)
- Update to frr 10.0.2 release providing fix for CVE-2024-44070 - Removed patch included in the sources:
Marius Tomaschewski (mtomaschewski)
committed
(revision 16)
- Update to frr 10.0.2 release including fix for CVE-2024-44070 and other issues, see https://frrouting.org/release/10.0.2/ - Removed CVE-2024-44070 patch included in the sources: [- 0002-bgpd-Check-the-actual-remaining-stream-length-before.patch] - add release notes url to 10.0.1 update - fixed bug/pull request references in frr.changes file See https://frrouting.org/release/10.0.1/ treat-as-withdraw outcome (CVE-2023-47235,bsc#1216896,https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b) bsc#1216897,https://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf)
buildservice-autocommit
accepted
request 1195553
from
Marius Tomaschewski (mtomaschewski)
(revision 15)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 14)
+ 0002-bgpd-Check-the-actual-remaining-stream-length-before.patch - Re-added 0001-disable-zmq-test.patch to avoid (sporadic or arch specific, e.g. aarch64) "make check" test failures (bsc#1180217). + 0001-disable-zmq-test.patch - Re-added hardening patch for systemd service(s) (bsc#1181400): + harden_frr.service.patch - Cleanup unknown --enable-systemd and correct the --sysconfdir and --localstatedir configure options to not end in …/frr.
Marius Tomaschewski (mtomaschewski)
committed
(revision 13)
- Cleanup unknown --enable-systemd and correct the --sysconfdir and --localstatedir configure options to not end in …/frr.
Marius Tomaschewski (mtomaschewski)
committed
(revision 12)
- Apply upstream fix for crash in bgp_attr_encap that were missing a check of the actual remaining stream length before taking the TLV value (CVE-2024-44070,bsc#1229438,gh#FRRouting/frr#16502): - 0001-bgpd-Check-the-actual-remaining-stream-length-before.patch - Re-Added hardening patch for systemd service(s) (bsc#1181400): - harden_frr.service.patch
buildservice-autocommit
accepted
request 1130736
from
Marius Tomaschewski (mtomaschewski)
(revision 11)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 10)
- Apply upstream fix for a crash on malformed BGP UPDATE message with an EOR, because the presence of EOR does not lead to a treat-as-withdraw outcome (CVE-2023-47235,1216896,https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b) [+ 0015-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch] - Apply upstream fix for a crash on crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (CVE-2023-47234, bsc#1216897,ttps://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf) [+ 0016-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch] - Apply upstream fix for attempts to read beyond the end of the stream during labeled unicast parsing (CVE-2023-38407,bsc#1216899,https://github.com/FRRouting/frr/pull/12956/commits/ab362eae68edec12c175d9bc488bcc3f8b73d36f) [+ 0017-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch] - Apply upstream fix for an nlri length of zero mishandling, aka "flowspec overflow" (CVE-2023-38406,bsc#1216900,https://github.com/FRRouting/frr/pull/12884/commits/0b999c886e241c52bd1f7ef0066700e4b618ebb3) [+ 0018-bgpd-Flowspec-overflow-issue.patch]
buildservice-autocommit
accepted
request 1121202
from
Marius Tomaschewski (mtomaschewski)
(revision 9)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 8)
- Apply upstream fix for a crash due to a crafted BGP UPDATE message (CVE-2023-46753,bsc#1216626,https://github.com/FRRouting/frr/pull/14655/commits/21418d64af11553c402f932b0311c812d98ac3e4). [+ 0013-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch] - Apply upstream fix for a crash due to mishandled malformed MP_REACH_NLRI data (CVE-2023-46752,bsc#1216627,https://github.com/FRRouting/frr/pull/14645/commits/b08afc81c60607a4f736f418f2e3eb06087f1a35). [+ 0014-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch]
buildservice-autocommit
accepted
request 1111550
from
Marius Tomaschewski (mtomaschewski)
(revision 7)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 6)
- Apply upstream fix for NULL pointer dereference due to processing of malformed requests with no attributes in bgp_nlri_parse_flowspec (CVE-2023-41909,bsc#1215065,https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8). [+ 0012-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch]
buildservice-autocommit
accepted
request 1108163
from
Marius Tomaschewski (mtomaschewski)
(revision 5)
auto commit by copy to link target
Marius Tomaschewski (mtomaschewski)
committed
(revision 4)
- Removed protobuf-c BuildRequires (source package name) breaking build-system setup with libprotobuf-c-devel 1.3.2 updates. - Apply upstream fix babeld: avoid infinite loops (CVE-2023-3748,bsc#1213434, gh#FRRouting/frr#11808,https://github.com/FRRouting/frr/pull/12952) [+ 0011-babeld-fix-11808-to-avoid-infinite-loops.patch]
Marius Tomaschewski (mtomaschewski)
committed
(revision 3)
- Removed protobuf-c BuildRequires breaking build-system setup
Marius Tomaschewski (mtomaschewski)
committed
(revision 2)
- Apply upstream fix for bgpd: Don't read initial byte of the ORF header in an ahead-of-stream situation (CVE-2023-41360, bsc#1214739,https://github.com/FRRouting/frr/pull/14245) [+ 0008-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch] - Apply upstream fix for bgpd: Do not process NLRIs if the attribute length is zero (CVE-2023-41358,bsc#1214735, https://github.com/FRRouting/frr/pull/14260) [+ 0009-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch] - Apply upstream fix bgpd: Use treat-as-withdraw for tunnel encapsulation attribute instead of session reset (CVE-2023-38802,bsc#1213284, https://github.com/FRRouting/frr/pull/14290) [+ 0010-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch]
Marius Tomaschewski (mtomaschewski)
committed
(revision 1)
Displaying all 18 revisions