Ubuntu
frr package

frr 10.0.1-0.1ubuntu1 source package in Ubuntu

Changelog

frr (10.0.1-0.1ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2064404). Remaining changes:
    - Fix logging with Ubuntu's unprivileged rsyslog (LP #1958162):
      + d/frr.postinst: change log files ownership
      + d/frr.logrotate: change rotated log file ownership
  * Dropped security patches included upstream:
    - SECURITY UPDATE: DoS via MP_REACH_NLRI data
      + debian/patches/CVE-2023-46752.patch: handle MP_REACH_NLRI malformed
        packets with session reset in bgpd/bgp_attr.c, bgpd/bgp_attr.h,
        bgpd/bgp_packet.c.
      + CVE-2023-46752
    - SECURITY UPDATE: DoS via BGP UPDATE without mandatory attributes
      + debian/patches/CVE-2023-46753.patch: check mandatory attributes more
        carefully for UPDATE message in bgpd/bgp_attr.c.
      + CVE-2023-46753
    - SECURITY UPDATE: read beyond stream during labeled unicast parsing
      + debian/patches/CVE-2023-38407.patch: fix use beyond end of stream of
        labeled unicast parsing in bgpd/bgp_label.c.
      + CVE-2023-38407
    - SECURITY UPDATE: crash via malformed BGP UPDATE message
      + debian/patches/CVE-2023-47235.patch: treat EOR as withdrawn to avoid
        unwanted handling of malformed attrs in bgpd/bgp_attr.c.
      + CVE-2023-47235
    - SECURITY UPDATE: crash via MP_UNREACH_NLRI attribute
      + debian/patches/CVE-2023-47234.patch: ignore handling NLRIs if we
        received MP_UNREACH_NLRI in bgpd/bgp_attr.c, bgpd/bgp_attr.h,
        bgpd/bgp_packet.c.
      + CVE-2023-47234
    - SECURITY UPDATE: DoS via malformed OSPF LSA packet
      + debian/patches/CVE-2024-27913.patch: solved crash in OSPF TE parsing
        in ospfd/ospf_te.c.
      + CVE-2024-27913

 -- Andreas Hasenack <email address hidden>  Mon, 29 Jul 2024 09:49:25 -0300

Upload details

Uploaded by:
Andreas Hasenack
Uploaded to:
Oracular
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
frr_10.0.1.orig.tar.xz 7.9 MiB 9f4eccc4b165f0593e5d49085ad4d31ddf7f05043fb068ce8ce99340d7a37728
frr_10.0.1-0.1ubuntu1.debian.tar.xz 34.0 KiB c45c5eef8c69671a3cb860363a003c04088136177c865c1af4b9408e1cef83bc
frr_10.0.1-0.1ubuntu1.dsc 2.8 KiB f9cf07e6ed981f697ac66811f573dd1d5eb69dde769a5d946ae460e4444dcff7

View changes file

Binary packages built by this source

frr: FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)

 FRRouting implements the routing protocols commonly used in the
 internet and private networks to exchange information between routers.
 Both IP and IPv6 are supported, as are BGP, OSPFv2, OSPFv3, IS-IS, BABEL,
 EIGRP, RIP, RIPng, LDP, BFD, PIM, VRRP, PBR, and NHRP.
 .
 These protocols are used to turn your system into a dynamic router,
 exchanging information about available connections with other routers
 in a standards-compliant way. The actual packet forwarding
 functionality is provided by the OS kernel.
 .
 FRRouting is a fork of Quagga with an open community model. The main
 git lives on https://github.com/frrouting/frr.git and the project name
 is commonly abbreviated as "FRR."

frr-dbgsym: debug symbols for frr
frr-doc: FRRouting suite - user manual

 This provides the FRR user manual in HTML form. This is the official
 manual maintained as part of the package and is also available online
 at https://frrouting.readthedocs.io/

frr-pythontools: FRRouting suite - Python tools

 The FRRouting suite uses a small Python tool to provide configuration
 reload functionality, particularly useful when the interactive configuration
 shell is not used.
 .
 Without this package installed, "reload" (as a systemd or init script
 invocation) will not work for the FRR daemons.

frr-rpki-rtrlib: FRRouting suite - BGP RPKI support (rtrlib)

 Adds RPKI support to FRR's bgpd, allowing validation of BGP routes
 against cryptographic information stored in WHOIS databases. This is
 used to prevent hijacking of networks on the wider internet. It is only
 relevant to internet service providers using their own autonomous system
 number.

frr-rpki-rtrlib-dbgsym: debug symbols for frr-rpki-rtrlib
frr-snmp: FRRouting suite - SNMP support

 Adds SNMP support to FRR's daemons by attaching to net-snmp's snmpd
 through the AgentX protocol. Provides read-only access to current
 routing state through standard SNMP MIBs.

frr-snmp-dbgsym: debug symbols for frr-snmp