Ubuntu
frr package

frr 8.4.1-2ubuntu1 source package in Ubuntu

Changelog

frr (8.4.1-2ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993401). Remaining changes:
    - Fix logging with Ubuntu's unprivileged rsyslog (LP #1958162):
      + d/frr.postinst: change log files ownership
      + d/frr.logrotate: change rotated log file ownership
  * Dropped (fixed upstream):
    - SECURITY UPDATE: overflow via input packet length
      + debian/patches/CVE-2022-26125.patch: fix router capability TLV
        parsing issues in isisd/isis_tlvs.*.
      + debian/patches/disable_isisd_fuzz_test.patch: disable fuzz tests as
        the security update changed expected results in
        tests/isisd/test_fuzz_isis_tlv.py.
      + CVE-2022-26125
    - SECURITY UPDATE: overflow via use of strdup with binary string
      + debian/patches/CVE-2022-26126.patch: use base64 encoding in
        isisd/isis_nb_notifications.c, lib/base64.c, lib/base64.h,
        lib/subdir.am, lib/yang_wrappers.c, lib/yang_wrappers.h.
      + CVE-2022-26126
    - SECURITY UPDATE: overflow via missing check on the input packet length
      + debian/patches/CVE-2022-26127.patch: add check on packet length in
        babeld/message.c.
      + CVE-2022-2612
    - SECURITY UPDATE: overflow via wrong checks
      + debian/patches/CVE-2022-26128_9.patch: fix checks on length in
        babeld/message.c.
      + CVE-2022-26128
      + CVE-2022-26129
    - SECURITY UPDATE: DoS via out-of-bounds read
      + debian/patches/CVE-2022-37032.patch: make sure hdr length is at a
        minimum of what is expected in bgpd/bgp_packet.c.
      + CVE-2022-37032
    - SECURITY UPDATE: use-after-free due to a race condition
      + debian/patches/CVE-2022-37035.patch: avoid notify race between io and
        main pthreads in bgpd/bgp_io.c, bgpd/bgp_packet.c, bgpd/bgp_packet.h.
      + CVE-2022-37035

 -- Andreas Hasenack <email address hidden>  Sun, 08 Jan 2023 17:57:05 -0300

Upload details

Uploaded by:
Andreas Hasenack
Uploaded to:
Lunar
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
frr_8.4.1.orig.tar.xz 7.0 MiB cfce29dbb52817c2185861152a262e48b33beba8a21e3f4cbfb9153822e433bf
frr_8.4.1-2ubuntu1.debian.tar.xz 33.1 KiB d7a65d76bc0fa7fe8f7c8a99b9a6b943dd74655a4f2fe02ebad665b3cfeb61d8
frr_8.4.1-2ubuntu1.dsc 2.7 KiB 3c12bccd327774dd3f13baacb6bbd35be819b4ad32a6e5b0f23b7b16fbe08a8c

Available diffs

View changes file

Binary packages built by this source

frr: FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)

 FRRouting implements the routing protocols commonly used in the
 internet and private networks to exchange information between routers.
 Both IP and IPv6 are supported, as are BGP, OSPFv2, OSPFv3, IS-IS, BABEL,
 EIGRP, RIP, RIPng, LDP, BFD, PIM, VRRP, PBR, and NHRP.
 .
 These protocols are used to turn your system into a dynamic router,
 exchanging information about available connections with other routers
 in a standards-compliant way. The actual packet forwarding
 functionality is provided by the OS kernel.
 .
 FRRouting is a fork of Quagga with an open community model. The main
 git lives on https://github.com/frrouting/frr.git and the project name
 is commonly abbreviated as "FRR."

frr-dbgsym: debug symbols for frr
frr-doc: FRRouting suite - user manual

 This provides the FRR user manual in HTML form. This is the official
 manual maintained as part of the package and is also available online
 at https://frrouting.readthedocs.io/

frr-pythontools: FRRouting suite - Python tools

 The FRRouting suite uses a small Python tool to provide configuration
 reload functionality, particularly useful when the interactive configuration
 shell is not used.
 .
 Without this package installed, "reload" (as a systemd or init script
 invocation) will not work for the FRR daemons.

frr-rpki-rtrlib: FRRouting suite - BGP RPKI support (rtrlib)

 Adds RPKI support to FRR's bgpd, allowing validation of BGP routes
 against cryptographic information stored in WHOIS databases. This is
 used to prevent hijacking of networks on the wider internet. It is only
 relevant to internet service providers using their own autonomous system
 number.

frr-rpki-rtrlib-dbgsym: debug symbols for frr-rpki-rtrlib
frr-snmp: FRRouting suite - SNMP support

 Adds SNMP support to FRR's daemons by attaching to net-snmp's snmpd
 through the AgentX protocol. Provides read-only access to current
 routing state through standard SNMP MIBs.

frr-snmp-dbgsym: debug symbols for frr-snmp