Accepting request 731784 from home:mnhauke:network
- Update to version 1.6.8 * Fix CVE-2019-16159: BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed. * Several important bugfixes * BFD: Support for VRFs OBS-URL: https://build.opensuse.org/request/show/731784 OBS-URL: https://build.opensuse.org/package/show/network/bird?expand=0&rev=8
This commit is contained in:
parent
e3fbc4a571
commit
ff37b1a6b8
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:975b3b7aefbe1e0dc9c11e55517f0ca2d82cca1d544e2e926f78bc843aaf2d70
|
|
||||||
size 1029505
|
|
3
bird-1.6.8.tar.gz
Normal file
3
bird-1.6.8.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:6c61ab5d2ef59d2559a8735b8252b5a0238013b43e5fb8a96c5d9d06e7bc00b2
|
||||||
|
size 1042222
|
16
bird.changes
16
bird.changes
@ -1,3 +1,19 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Sep 18 19:14:22 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
||||||
|
|
||||||
|
- Update to version 1.6.8
|
||||||
|
* Fix CVE-2019-16159:
|
||||||
|
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through
|
||||||
|
2.0.5 has a stack-based buffer overflow. The BGP daemon's
|
||||||
|
support for RFC 8203 administrative shutdown communication
|
||||||
|
messages included an incorrect logical expression when checking
|
||||||
|
the validity of an input message. Sending a shutdown
|
||||||
|
communication with a sufficient message length causes a four-byte
|
||||||
|
overflow to occur while processing the message, where two of the
|
||||||
|
overflow bytes are attacker-controlled and two are fixed.
|
||||||
|
* Several important bugfixes
|
||||||
|
* BFD: Support for VRFs
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Mar 1 19:32:49 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
Fri Mar 1 19:32:49 UTC 2019 - Martin Hauke <mardnh@gmx.de>
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
%define bird_home %{_localstatedir}/lib/bird
|
%define bird_home %{_localstatedir}/lib/bird
|
||||||
%define bird_runtimedir %{_rundir}/%{name}
|
%define bird_runtimedir %{_rundir}/%{name}
|
||||||
Name: bird
|
Name: bird
|
||||||
Version: 1.6.6
|
Version: 1.6.8
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: The BIRD Internet Routing Daemon
|
Summary: The BIRD Internet Routing Daemon
|
||||||
License: GPL-2.0-or-later
|
License: GPL-2.0-or-later
|
||||||
|
Loading…
Reference in New Issue
Block a user