2021-08-27 15:07:07 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 25 08:05:28 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
|
|
|
|
|
|
|
|
- Added hardening to systemd service(s). Modified:
|
|
|
|
* bird.service
|
|
|
|
|
2021-03-22 23:16:32 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 22 09:12:19 UTC 2021 - Martin Hauke <mardnh@gmx.de>
|
|
|
|
|
|
|
|
- Update to version 2.0.8
|
|
|
|
Changes/Fixes:
|
|
|
|
* Automatic channel reloads based on RPKI changes
|
|
|
|
* Multiple static routes with the same network
|
|
|
|
* Use bitmaps to keep track of exported routes
|
|
|
|
* Per-channel debug flags
|
|
|
|
* CLI commands show info from multiple protocols
|
|
|
|
* Linux: IPv4 routes with IPv6 nexthops
|
|
|
|
* Filter: Optimized redesign of prefix sets
|
|
|
|
* Filter: Improved type checking of user filters
|
|
|
|
* Filter: New src/dst accessors for Flowspec and SADR
|
|
|
|
* Filter: New 'weight' route attribute
|
|
|
|
* Filter: BGP path mask loop operator
|
|
|
|
* Filter: Remove quitbird command
|
|
|
|
* RIP: Demand circuit support (RFC 2091)
|
|
|
|
* BGP: New 'allow as sets' and 'enforce first as' options
|
|
|
|
* BGP: Support for BGP hostname capability
|
|
|
|
* BGP: Support for MD5SIG with dynamic BGP
|
|
|
|
* BFD: Optional separation of IPv4 / IPv6 BFD instances
|
|
|
|
* BFD: Per-peer session options
|
|
|
|
* RPKI: Allow build without libSSH
|
|
|
|
* RPKI: New 'ignore max length' option
|
|
|
|
* OSPF: Redesign of handling of unnumbered PtPs
|
|
|
|
* OSPF: Allow key id 0 in authentication
|
|
|
|
* Babel: Use onlink flag for routes with unreachable next hop
|
|
|
|
* Many bugfixes
|
|
|
|
Notes:
|
|
|
|
* Automatic channel reloads based on RPKI changes are enabled
|
|
|
|
by default, but require import table enabled when used in
|
|
|
|
BGP import filter.
|
|
|
|
* BIRD now uses bitmaps to keep track of exported routes
|
|
|
|
instead of re-evaluation of export filters. That should
|
|
|
|
improve speed and accuracy in route export handling during
|
|
|
|
reconfiguration, but takes some more memory.
|
|
|
|
* Per-channel debug logging and some CLI commands (like 'show
|
|
|
|
ospf neighbors') defaulting to all protocol instances lead to
|
|
|
|
some minor changes in log and CLI output. Caution is
|
|
|
|
recommended when logs or CLI output are monitored by scripts.
|
|
|
|
- Drop not longer needed patches:
|
|
|
|
* gcc10.patch
|
|
|
|
* fix_test_for_bigendian_arch.patch
|
|
|
|
|
2020-11-16 16:39:18 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 16 12:45:29 UTC 2020 - Mark Stopka <mstopka@opensuse.org>
|
|
|
|
|
|
|
|
- Add patch to fix test on Big Endian architectures
|
2020-11-16 20:14:37 +01:00
|
|
|
* fix_test_for_bigendian_arch.patch
|
2020-11-16 16:39:18 +01:00
|
|
|
|
2020-09-26 00:54:13 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Sep 11 07:16:11 UTC 2020 - Dirk Mueller <dmueller@suse.com>
|
|
|
|
|
|
|
|
- update to 2.0.2:
|
|
|
|
o Integrated IPv4 + IPv6 design
|
|
|
|
* many changes, see included NEWS for details
|
|
|
|
* obsoletes separate bird6/bird-common subpackages
|
|
|
|
|
|
|
|
- remove bird-1.6.3_verbose.build.patch bufferoverflow.patch: obsolete
|
|
|
|
- add gcc10.patch (fix build with gcc 10), disable -fcommon again
|
|
|
|
- reenable fortify-source
|
|
|
|
|
2020-06-17 14:36:32 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jun 17 11:26:13 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
|
|
|
|
|
|
|
|
- Add -fcommon to allow building against GCC10
|
|
|
|
|
2019-09-19 09:28:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Sep 18 19:14:22 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
|
|
|
|
|
|
|
- Update to version 1.6.8
|
|
|
|
* Fix CVE-2019-16159:
|
|
|
|
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through
|
|
|
|
2.0.5 has a stack-based buffer overflow. The BGP daemon's
|
|
|
|
support for RFC 8203 administrative shutdown communication
|
|
|
|
messages included an incorrect logical expression when checking
|
|
|
|
the validity of an input message. Sending a shutdown
|
|
|
|
communication with a sufficient message length causes a four-byte
|
|
|
|
overflow to occur while processing the message, where two of the
|
|
|
|
overflow bytes are attacker-controlled and two are fixed.
|
|
|
|
* Several important bugfixes
|
|
|
|
* BFD: Support for VRFs
|
|
|
|
|
2019-03-02 14:53:32 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 1 19:32:49 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
|
|
|
|
|
|
|
- Update to version 1.6.6
|
|
|
|
* Several bugfixes related to route propagation
|
|
|
|
|
2019-02-03 19:49:22 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Feb 3 09:45:27 UTC 2019 - mardnh@gmx.de
|
|
|
|
|
|
|
|
- Update to version 1.6.5
|
|
|
|
* MRT table dumps (RFC 6396)
|
|
|
|
* BGP Long-lived graceful restart
|
|
|
|
* Filter: Make ifname attribute modifiable
|
|
|
|
* Improved keeping track of IPv6 link-local addresses
|
|
|
|
* Many bugfixes
|
|
|
|
|
2018-12-15 20:42:00 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Dec 15 17:51:41 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
|
|
- Kill off em dashes in summaries. Remove future
|
|
|
|
aims from descriptions.
|
|
|
|
|
2018-12-10 18:04:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Dec 6 20:30:33 UTC 2018 - mardnh@gmx.de
|
|
|
|
|
|
|
|
- Specfile cleanup
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 14 19:22:22 UTC 2018 - mardnh@gmx.de
|
|
|
|
|
|
|
|
- Update to version 1.6.4
|
|
|
|
* Basic VRF support
|
|
|
|
* Simplified autoconf scripts
|
|
|
|
* BGP: Shutdown communication (RFC 8203)
|
|
|
|
* BGP: Allow exchanging LOCAL_PREF with eBGP peers
|
|
|
|
* BGP: Allow to specify interface for regular sessions
|
|
|
|
* BGP: New option 'disable after cease'
|
|
|
|
* RAdv: Support for more specific routes (RFC 4191)
|
|
|
|
* RAdv: Proper handling of prefix retraction
|
|
|
|
* Filter: Allow silent filter execution
|
|
|
|
* Filter: Fixed stack overflow in BGP mask expressions.
|
|
|
|
* Several bug fixes
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 18 16:41:04 UTC 2017 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- added potential fix for the bufferoverflow issue
|
|
|
|
bufferoverflow.patch
|
|
|
|
|
|
|
|
We will keep fortify_source 0 until the patch was discussed with
|
|
|
|
upstream.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 18 15:42:27 UTC 2017 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- downgrade to _FORTIFY_SOURCE=0 as 1 still fails on TW
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 18 15:36:09 UTC 2017 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- ignore some warnings to make the output more readable
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 18 15:23:57 UTC 2017 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- added bird-1.6.3_verbose.build.patch:
|
|
|
|
- no longer print false CC lines
|
|
|
|
- print the actuall gcc calls instead
|
|
|
|
- properly fix the FORTIFY_SOURCE fix from the earlier commit.
|
|
|
|
- we just replace the -D_FORTIFY_SOURCE value with what we want
|
|
|
|
instead of appending another value which leads to warnings
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 18 15:06:45 UTC 2017 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.6.3
|
|
|
|
- Large BGP communities
|
|
|
|
- BFD authentication (MD5, SHA1)
|
|
|
|
- SHA1 and SHA2 authentication for RIP and OSPF
|
|
|
|
- Improved documentation
|
|
|
|
- Several bug fixes
|
|
|
|
- changes from version 1.6.2
|
|
|
|
- Fixes serious bug introduced in the previous version
|
|
|
|
- changes from version 1.6.1
|
|
|
|
- Support for IPv6 ECMP
|
|
|
|
- Better handling of IPv6 tentative addresses
|
|
|
|
- Several updates and fixes in Babel protocol
|
|
|
|
- Filter: New !~ operator
|
|
|
|
- Filter: ASN ranges in bgpmask
|
|
|
|
- KRT: New kernel protocol option 'metric'
|
|
|
|
- KRT: New route attribute 'krt_scope'
|
|
|
|
- Improved BIRD help messages
|
|
|
|
- Fixes memory leak in BGP multipath
|
|
|
|
- Fixes handling of empty path segments in BGP AS_PATH
|
|
|
|
- Several bug fixes
|
|
|
|
- drop bird-1.5.0-rip_auth_bufferoverflow.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 21 20:19:18 UTC 2016 - mardnh@gmx.de
|
|
|
|
|
|
|
|
- update to version 1.6.0
|
|
|
|
- if possible use /run instead of /var/run for the runtimedir
|
|
|
|
- removed patch: bird-1.5.0-rip_auth_bufferoverflow.patch
|
|
|
|
A similar issue still exists but it's a false positive.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 17 15:56:16 UTC 2015 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- add $BIRD_OPTIONS to the service files
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 17 15:42:42 UTC 2015 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- no longer run as root but as user/group bird.
|
|
|
|
- add tmpfiles.d file for /var/run/bird
|
|
|
|
- merged spec file from bird6 again
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Oct 16 23:24:31 UTC 2015 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- initial package
|
|
|
|
|