10b96f6e29
Accepting request 1035295 from network
...
OBS-URL: https://build.opensuse.org/request/show/1035295
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=58
2022-11-12 16:41:20 +00:00
c153b30597
Accepting request 1035188 from home:mtomaschewski:branches:network
...
- Remove attempts to correct configuration file ownership and
permissions in service files, that may lead to local privilege
escalation from quagga to root (bsc#1191890,CVE-2021-44038).
[+ remove-chown-chmod.service.patch]
- Correct hardening patches adding ReadWritePaths=/etc/quagga
- Add update-messages that quagga is not developed for years,
is about to get dropped from Factory/Tumbleweed soon and
users should migrate to FRR (https://frrouting.org/ ).
OBS-URL: https://build.opensuse.org/request/show/1035188
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=76
2022-11-11 15:19:38 +00:00
0ce934e860
Accepting request 1032851 from network
...
Automatic submission by obs-autosubmit
OBS-URL: https://build.opensuse.org/request/show/1032851
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=57
2022-11-02 11:47:37 +00:00
2d869d35cd
Accepting request 1003794 from home:schubi2:logrotate
...
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
OBS-URL: https://build.opensuse.org/request/show/1003794
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=74
2022-11-02 10:25:43 +00:00
9270890290
Accepting request 985928 from network
...
OBS-URL: https://build.opensuse.org/request/show/985928
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=56
2022-06-30 11:18:24 +00:00
Lars Vogdt
27e8758d8b
Accepting request 985752 from home:schubi2
...
- Moved logrotate files from user specific directory /etc/logrotate.d
to vendor specific directory /usr/etc/logrotate.d.
OBS-URL: https://build.opensuse.org/request/show/985752
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=72
2022-06-29 17:57:39 +00:00
Lars Vogdt
95760a9d7d
Accepting request 926713 from home:jsegitz:branches:systemdhardening:network
...
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
OBS-URL: https://build.opensuse.org/request/show/926713
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=71
2021-10-29 13:59:31 +00:00
088291239f
Accepting request 884131 from home:elvigia:branches:network
...
- Avoid using libpcre-posix, which is intended for systems without
a working regex.h, symbols clash with libc and undefined behaviour
may ensue.
OBS-URL: https://build.opensuse.org/request/show/884131
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=70
2021-05-10 08:38:29 +00:00
f561e9c737
Accepting request 698175 from network
...
OBS-URL: https://build.opensuse.org/request/show/698175
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=55
2019-04-26 20:55:30 +00:00
Tomáš Chvátal
8c87637c6b
Accepting request 698166 from home:jubalh:branches:network
...
- bsc#1130588: Require shadow instead of old pwdutils
OBS-URL: https://build.opensuse.org/request/show/698166
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=68
2019-04-26 11:06:02 +00:00
5be8185764
Accepting request 650573 from network
...
OBS-URL: https://build.opensuse.org/request/show/650573
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=54
2018-11-26 09:24:55 +00:00
Tomáš Chvátal
cfde3bcf18
Accepting request 649018 from home:mnhauke:network
...
- Update to version 1.2.4
Bugfix release
See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.4.changelog.txt
for complete changelog.
- Update to version 1.2.3
Bugfix and security release
See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.3.changelog.txt
for complete changelog.
* Security related changes:
+ Fixes CVE-2018-5278
+ Fixes CVE-2018-5279
+ Fixes CVE-2018-5280
+ Fixes CVE-2018-5281
- Update to version 1.2.2
Bugfix and security release
See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.2.changelog.txt
for complete changelog.
* Security related changes:
+ Fixes CVE-2017-16227
- Update to version 1.2.1
Bugfix release
See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.1.changelog.txt
for complete changelog.
- Update to version 1.2.0
Bugfix release
See http://mirror.easyname.at/nongnu/quagga/quagga-1.2.0.changelog.txt
for complete changelog.
- Rebase patch:
* 0001-systemd-change-the-WantedBy-target.patch
- Removed patches (fixed upstream):
OBS-URL: https://build.opensuse.org/request/show/649018
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=66
2018-11-21 07:59:04 +00:00
862595f679
Accepting request 577176 from network
...
- Added CVE references to patches and changelog
- Applied security fix for bgpd DoS via specially crafted BGP
UPDATE messages (CVE-2017-16227,bsc#1065641)
[+ quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch]
- Applied security fix for bgpd bounds check issue via attribute
length (CVE-2018-5378,Quagga-2018-0543,bsc#1079798)
[+ Quagga-2018-0543-bgpd.bsc1079798.patch]
- Applied security fix for bgpd double free when processing UPDATE
message (CVE-2018-5379,Quagga-2018-1114,bsc#1079799)
[+ Quagga-2018-1114-bgpd.bsc1079799.patch]
- Applied security fix for bgpd code-to-string conversion tables
overrun (CVE-2018-5380,Quagga-2018-1550,bsc#1079800)
[+ Quagga-2018-1550-bgpd-bsc1079800.patch]
- Applied security fix for bgpd infinite loop on certain invalid
OPEN messages (CVE-2018-5381,Quagga-2018-1975,bsc#1079801)
[+ Quagga-2018-1975-bdpd.bsc1079801.patch]
OBS-URL: https://build.opensuse.org/request/show/577176
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=53
2018-02-16 20:45:15 +00:00
0dd2325500
Added CVE to references in the patch files
...
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=64
2018-02-16 08:36:16 +00:00
3143511af8
Added CVE's to the changelog:
...
CVE-2018-5378,Quagga-2018-0543,bsc#1079798
CVE-2018-5379,Quagga-2018-1114,bsc#1079799
CVE-2018-5380,Quagga-2018-1550,bsc#1079800
CVE-2018-5381,Quagga-2018-1975,bsc#1079801
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=63
2018-02-16 08:34:01 +00:00
7aa0fc88ae
- Applied security fix for bgpd DoS via specially crafted BGP
...
UPDATE messages (CVE-2017-16227,bsc#1065641)
[+ quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch]
- Applied security fix for bgpd bounds check issue via attribute
length (Quagga-2018-0543,bsc#1079798)
[+ Quagga-2018-0543-bgpd.bsc1079798.patch]
- Applied security fix for bgpd double free when processing UPDATE
message (Quagga-2018-1114,bsc#1079799)
[+ Quagga-2018-1114-bgpd.bsc1079799.patch]
- Applied security fix for bgpd code-to-string conversion tables
overrun (Quagga-2018-1550,bsc#1079800)
[+ Quagga-2018-1550-bgpd-bsc1079800.patch]
- Applied security fix for bgpd infinite loop on certain invalid
OPEN messages (Quagga-2018-1975,bsc#1079801)
[+ Quagga-2018-1975-bdpd.bsc1079801.patch]
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=62
2018-02-16 08:18:18 +00:00
2e5a22335c
Accepting request 545122 from network
...
OBS-URL: https://build.opensuse.org/request/show/545122
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=52
2017-11-25 07:43:31 +00:00
ac1d49b789
Accepting request 544669 from home:RBrownSUSE:branches:network
...
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
OBS-URL: https://build.opensuse.org/request/show/544669
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=60
2017-11-24 10:22:19 +00:00
fb64044181
Accepting request 487325 from network
...
- Disabled passwords in default zebra.conf config file, causing
to disable vty telnet interface by default. The vty interface
is available via "vtysh" utility using pam authentication to
permit management access for root without password (bsc#1021669).
- Changed owner of /etc/quagga to quagga:quagga to permit to manage
quagga via vty interface.
OBS-URL: https://build.opensuse.org/request/show/487325
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=51
2017-04-12 15:37:33 +00:00
0eb49fbeb9
- Changed owner of /etc/quagga to quagga:quagga to permit to manage
...
quagga via vty interface.
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=58
2017-04-11 12:10:01 +00:00
e183ef0ab6
- Disabled passwords in default zebra.conf config file, causing
...
to disable vty telnet interface by default. The vty interface
is available via "vtysh" utility using pam authentication to
permit management access for root without password (bsc#1021669).
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=57
2017-04-11 12:00:55 +00:00
aef1de4876
Accepting request 485964 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/485964
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=50
2017-04-11 07:46:08 +00:00
dba8db6f0f
Accepting request 484850 from home:scarabeus_iv:branches:network
...
- Remove FIXME's added by spec-cleaner by using proper phases for the
prereq deps
- Remove code checking for the proc mounting (build scripts do that
for us anyway) + remove the commented out autoconf
- Use content of %tmpfiles_create macro rather than 2 lines of checks
- Use version in zebra provides/obsoletes to avoid rpmlint warning
OBS-URL: https://build.opensuse.org/request/show/484850
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=55
2017-04-06 05:38:56 +00:00
319028b64d
disabled autoreconf, currently not needed
...
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=54
2017-03-31 08:21:43 +00:00
d25978b86a
- Added quagga.log and create and su statemets to logrotate config,
...
changed default zebra log file name from quagga.log to zebra.log.
- Cleaned up the spec file using spec-cleaner.
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=53
2017-03-31 07:36:00 +00:00
4180f7ba21
- Do not enable zebra's tcp interface (port 2600) to use default
...
unix socket for communication between the daemons (fate#323170).
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=52
2017-03-29 11:55:37 +00:00
eb10580f3a
- Update to quagga-1.1.1, a security and bug fix release (fate#323168):
...
See http://mirror.easyname.at/nongnu/quagga/quagga-1.1.1.changelog.txt
for complete changelog, a digest of the changes:
- Telnet 'vty' interface DoS fix due to unbounded memory
allocation (CVE-2017-5495,bsc#1021669)
- revert opsf6d: Update router-LSA when nbr's interface-ID changes
See http://mirror.easyname.at/nongnu/quagga/quagga-1.0.20161017.changelog.txt
for complete changelog, a digest of the changes:
- isisd: Fix size of malloc
- isisd: check for the existance of the correct list
- ospf6d: fix off-by-one on display of spf reasons
- ospf6d: don't access nexthops out of bounds
- bgpd: fix off-by-one in attribute flags handling
- zebra: stack overrun in IPv6 RA receive code (CVE-2016-1245)
- bgpd: Fix buffer overflow error in bgp_dump_routes_func
- Added libfpm_pb0 and libquagga_pb0 shared library sub-packages,
adjusted libzebra0 sub-package name to libzebra1.
- Use tmpfiles_create RPM macro to create quagga rundir and adjust
tmpfiles config to contain proper rundir at install time.
- Removed obsolete patches:
quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch
quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch
quagga-autoconf-detect-AM_SILENT_RULES.patch
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=51
2017-03-29 11:28:30 +00:00
f4c0d3f8be
Accepting request 438241 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/438241
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=49
2016-11-05 20:25:48 +00:00
Ismail Dönmez
b48c9c29cd
Accepting request 436874 from home:jengelh:branches:network
...
- Implement shared library policy
- Check for user/group before adding them to the system
- Trim description
OBS-URL: https://build.opensuse.org/request/show/436874
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=49
2016-11-02 09:34:00 +00:00
bb9d254093
Accepting request 435908 from network
...
- Add quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch:
Fix for a zebra stack overrun in IPv6 RA receive code.
(CVE-2016-1245, bsc#1005258)
OBS-URL: https://build.opensuse.org/request/show/435908
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=48
2016-10-20 21:09:23 +00:00
b0beaef5f1
- Add quagga-CVE-2016-1245-stack-overrun-in-IPv6-RA-receive.patch:
...
Fix for a zebra stack overrun in IPv6 RA receive code.
(CVE-2016-1245, bsc#1005258)
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=47
2016-10-18 12:37:40 +00:00
9afda209c5
Accepting request 407015 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/407015
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=47
2016-07-12 21:51:51 +00:00
8603017b4d
Accepting request 406857 from home:TheBlackCat:branches:network
...
Fix Group tag.
OBS-URL: https://build.opensuse.org/request/show/406857
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=45
2016-07-06 17:04:47 +00:00
a50856f052
Accepting request 393659 from network
...
- Add quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch
Fix for a buffer overflow error in bgp_dump_routes_func.
(CVE-2016-4049, bsc#977012)
OBS-URL: https://build.opensuse.org/request/show/393659
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=46
2016-05-05 10:12:24 +00:00
Pawel Wieczorkiewicz
cb90d58b0a
- Add quagga-CVE-2016-4049-fix-buf-ovflow-bgp-dump-routes.patch
...
Fix for a buffer overflow error in bgp_dump_routes_func.
(CVE-2016-4049, bsc#977012)
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=43
2016-05-04 13:56:32 +00:00
a8fa43b50d
Accepting request 385755 from network
...
OBS-URL: https://build.opensuse.org/request/show/385755
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=45
2016-04-08 07:39:48 +00:00
4e07a9bc09
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=42
2016-04-07 12:15:56 +00:00
8ab65b4430
- replace quagga.keyring with the newer upstream keyring.
...
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=41
2016-04-07 12:03:32 +00:00
Pawel Wieczorkiewicz
cf114107de
- Add the %{_rundir} macro handling to spec in order to distinguish
...
/run/ vs /var/run distro versions.
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=40
2016-04-01 15:26:03 +00:00
Pawel Wieczorkiewicz
7b430247b6
- Add quagga-autoconf-detect-AM_SILENT_RULES.patch:
...
Fix autoconf issue of missing AM_SILENT_RULES macro.
- Add build requirement for xz
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=39
2016-04-01 10:57:51 +00:00
fad2c7c69d
Accepting request 382509 from home:pwieczorkiewicz
...
- Disallow unprivileged users to enter config directory /etc/quagga
(group: quagga, mode: 750) and read configuration files installed
there (group: quagga, mode: 640). (boo#770619)
- Add sysconfig.quagga:
Fillup template for /etc/sysconfig/quagga
- Update to version 1.0.20160315:
- Update to version 1.0.20160309:
OBS-URL: https://build.opensuse.org/request/show/382509
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=38
2016-04-01 09:44:28 +00:00
bd60fc20ff
Accepting request 339771 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/339771
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=44
2015-10-19 20:53:46 +00:00
a5b57c8855
Accepting request 339521 from home:darix:routing
...
- run systemd-tmpfiles in %post to get the directory set up.
OBS-URL: https://build.opensuse.org/request/show/339521
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=36
2015-10-19 07:59:07 +00:00
474dbef5d7
Accepting request 293126 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/293126
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=43
2015-03-27 08:40:34 +00:00
081b53b1f4
Accepting request 292211 from home:posophe:branches:network
...
fix
OBS-URL: https://build.opensuse.org/request/show/292211
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=34
2015-03-25 16:19:54 +00:00
Stephan Kulow
8eccf74c93
Accepting request 243145 from network
...
1
OBS-URL: https://build.opensuse.org/request/show/243145
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=41
2014-07-31 19:50:36 +00:00
78b2a8d493
Accepting request 243063 from home:sfalken:branches:network
...
OBS-URL: https://build.opensuse.org/request/show/243063
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=32
2014-07-31 11:37:11 +00:00
Stephan Kulow
95b0e256bb
Accepting request 183545 from network
...
- fixed source url, added tar.asc and keyring url (unchecked)
- Add return value for table_test.c.
- Update to 0.99.22.1
major regressions:
ospfd: restore nexthop IP for p2p interfaces
minor fixes:
bgpd: fix lost passwords of grouped neighbors
lib/vty: register vtysh socket in server socket vector (BZ#754)
ospfd: fix LSA initialization for build without opaque LSA
ripd: correctly redistribute ifindex routes (BZ#664)
build issues:
build: fix minimal mixup in gitinfo suffix
build: reference libcap from libzebra (BZ#393,626)
build: update quagga.spec.in
doc: fix makeinfo errors and one warning
tests: make --disable-bgpd kill bgpd tests too
vtysh: fix false lib path matching in extract.pl.in
OBS-URL: https://build.opensuse.org/request/show/183545
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/quagga?expand=0&rev=39
2013-07-20 07:03:43 +00:00
1a7a9640de
- fixed source url, added tar.asc and keyring url (unchecked)
...
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=29
2013-07-17 13:22:55 +00:00
dcc0996d44
Accepting request 183489 from home:yyyeer:branches:network
...
- Add return value for table_test.c.
- Update to 0.99.22.1
major regressions:
ospfd: restore nexthop IP for p2p interfaces
minor fixes:
bgpd: fix lost passwords of grouped neighbors
lib/vty: register vtysh socket in server socket vector (BZ#754)
ospfd: fix LSA initialization for build without opaque LSA
ripd: correctly redistribute ifindex routes (BZ#664)
build issues:
build: fix minimal mixup in gitinfo suffix
build: reference libcap from libzebra (BZ#393,626)
build: update quagga.spec.in
doc: fix makeinfo errors and one warning
tests: make --disable-bgpd kill bgpd tests too
vtysh: fix false lib path matching in extract.pl.in
OBS-URL: https://build.opensuse.org/request/show/183489
OBS-URL: https://build.opensuse.org/package/show/network/quagga?expand=0&rev=28
2013-07-17 08:54:21 +00:00
