- Apply fix for a buffer overflow in isisd due to the use of strdup
with a non-zero-terminated binary string (bsc#1196506,CVE-2022-26126)
[+ 0006-isisd-fix-10505-using-base64-encoding.patch]
- Apply fix for a buffer overflow in isisd due to wrong checks on
the input packet length (bsc#1196505,CVE-2022-26125) with workaround
for the GIT binary patch to tests/isisd/test_fuzz_isis_tlv_tests.h.gz
[+ 0005-isisd-fix-router-capability-TLV-parsing-issues.patch]
- Apply fix for a buffer overflow in babeld due to wrong checks on
the input packet length in the packet_examin and subtlv parsing
(bsc#1196504,bsc#1196507,CVE-2022-26128,CVE-2022-26129)
[+ 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch]
- Apply fix for a heap buffer overflow in babeld due to missing check
on the input packet length (bsc#1196503,CVE-2022-26127)
[+ 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch]
OBS-URL: https://build.opensuse.org/request/show/958040
OBS-URL: https://build.opensuse.org/package/show/network/frr?expand=0&rev=37
- enable verbose make rules
- enable grpc support. new subpackage libfrrgrpc_pb0, new BR:
pkgconfig(grpc)
- enable config rollbacks. new BR: pkgconfig(sqlite3)
- enable realms support
- enable shell access
- make sure we use system openssl
- fix shebang line of the frr-reload.py and
generate_support_bundle.py script so we dont pull python2
- do not delete users and groups.
- add Requires for libyang-extentions
OBS-URL: https://build.opensuse.org/request/show/792552
OBS-URL: https://build.opensuse.org/package/show/network/frr?expand=0&rev=12
- Update to version 7.2.1:
BGPd
* Fix Addpath issue
* Do not apply eBGP policy for iBGP peers
* Show ip and fqdn in json output for show [ip] bgp <route> json
* Fix large route-distinguisher's format
* Fix no bgp listen range ... configuration command
* Autocomplete neighbor for clear bgp
* Reflect the distance in RIB when it is changed for an
arbitrary afi/safi
* Notify "Peer De-configured" after entering 'no neighbor cmd
* Fix per afi/safi addpath peer counting
* Rework BGP dampening to be per AFI/SAFI
* Do not send next-hop as :: in MP_REACH_NLRI if no link-local
exists
* Override peer's TTL only if peer-group is configured with TTL
* Remove error message for unkown afi/safi combination
* Keep the session down if maximum-prefix is reached
OSPFd
* Fix BFD down not tearing down OSPF adjacency for
point-to-point net
BFDd
* Fix multiple VRF handling
* VRF security improvement
PIMd
* Fix rp crash
NHRPd
* Make sure no ip nhrp map <something> works as expected
LDPd
* Add missing sanity check in the parsing of label messages
OBS-URL: https://build.opensuse.org/request/show/765491
OBS-URL: https://build.opensuse.org/package/show/network/frr?expand=0&rev=7
