| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: frr-devel | Distribution: openSUSE Tumbleweed |
| Version: 10.0.1 | Vendor: openSUSE |
| Release: 2.1 | Build date: Thu Aug 22 15:02:19 2024 |
| Group: Development/Libraries/C and C++ | Build host: reproducible |
| Size: 1221376 | Source RPM: frr-10.0.1-2.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.frrouting.org | |
| Summary: Header and object files for frr development | |
The frr-devel package contains the header and object files necessary for developing OSPF-API and frr applications.
GPL-2.0-or-later AND LGPL-2.1-or-later
* Thu Aug 22 2024 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for crash in bgp_attr_encap that were missing
a check of the actual remaining stream length before taking the
TLV value (CVE-2024-44070,bsc#1229438,gh#FRRouting/frr#16502):
+ 0002-bgpd-Check-the-actual-remaining-stream-length-before.patch
- Re-added 0001-disable-zmq-test.patch to avoid (sporadic or arch
specific, e.g. aarch64) "make check" test failures (bsc#1180217).
+ 0001-disable-zmq-test.patch
- Re-added hardening patch for systemd service(s) (bsc#1181400):
+ harden_frr.service.patch
- Cleanup unknown --enable-systemd and correct the --sysconfdir
and --localstatedir configure options to not end in …/frr.
* Fri Aug 09 2024 Erico Mendonca <erico.mendonca@suse.com>
- Fixing Source URL/archive name.
* Sun Jul 28 2024 Erico Mendonca <erico.mendonca@suse.com> - 10.0.1
- Update to version 10.0.1 from official sources.
- Clean slate: removing all previous patches.
- The following patches were obsoleted:
- 0001-disable-zmq-test.patch
- harden_frr.service.patch
- 0003-tools-Run-as-FRR_USER-install-chown-commands-to-avoi.patch
- 0004-tools-remove-backslash-from-declare-check-regex.patch
- 0005-root-ok-in-account-frr.pam.patch
- 0006-bgpd-Check-7-bytes-for-Long-lived-Graceful-Restart-c.patch
- 0007-bgpd-Ensure-stream-received-has-enough-data.patch
- 0008-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch
- 0009-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch
- 0010-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch
- 0011-babeld-fix-11808-to-avoid-infinite-loops.patch
- 0012-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch
- 0013-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch
- 0014-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch
- 0015-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch
- 0016-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch
- 0017-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch
- 0018-bgpd-Flowspec-overflow-issue.patch
- 0019-bgpd-fix-error-handling-when-receiving-BGP-Prefix-SID-attribute.patch
- 0020-ospfd-Solved-crash-in-OSPF-TE-parsing.patch
- 0021-ospfd-Solved-crash-in-RI-parsing-with-OSPF-TE.patch
- 0022-ospfd-Correct-Opaque-LSA-Extended-parser.patch
- 0023-ospfd-protect-call-to-get_edge-in-ospf_te.c.patch
* Tue Jun 04 2024 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix solving ospfd denial of service via get_edge()
function returning a NULL pointer (CVE-2024-34088,bsc#1223786,
gh#FRRouting/frr#16088).
[+ 0023-ospfd-protect-call-to-get_edge-in-ospf_te.c.patch]
- Apply upstream fix solving ospfd buffer overflow and daemon crash
in ospf_te_parse_ext_link for OSPF LSA packets during an attempt
to read Segment Routing Adjacency SID subTLVs (CVE-2024-31951,
bsc#1222528,gh#FRRouting/frr#16088).
[+ 0022-ospfd-Correct-Opaque-LSA-Extended-parser.patch]
- Apply upstream fix solving ospfd buffer overflow and daemon crash
in RI parsing with OSPF TE (CVE-2024-31950,bsc#1222526,
gh#FRRouting/frr#16088).
[+ 0021-ospfd-Solved-crash-in-RI-parsing-with-OSPF-TE.patch]
* Wed Apr 24 2024 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix solving crash in OSPF TE parsing (bsc#1220548,
CVE-2024-27913, gh#FRRouting/frr#15431)
[+ 0020-ospfd-Solved-crash-in-OSPF-TE-parsing.patch]
* Wed Apr 10 2024 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
- add
0019-bgpd-fix-error-handling-when-receiving-BGP-Prefix-SID-attribute.patch:
* Apply upstream fix on error handling when receiving BGP Prefix
SID attribute (bsc#1222518,CVE-2024-31948,gh#FRRouting/frr#15628)
* Thu Feb 08 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Provide user/group symbol for user created during pre.
* Fri Feb 02 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Fix build with RPM 4.19: a stray %-escape sequence was found in
the files section.
* Mon Dec 04 2023 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for a crash on malformed BGP UPDATE message
with an EOR, because the presence of EOR does not lead to a
treat-as-withdraw outcome (CVE-2023-47235,1216896,https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b)
[+ 0015-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch]
- Apply upstream fix for a crash on crafted BGP UPDATE message with
a MP_UNREACH_NLRI attribute and additional NLRI data (CVE-2023-47234,
bsc#1216897,ttps://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf)
[+ 0016-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch]
- Apply upstream fix for attempts to read beyond the end of the
stream during labeled unicast parsing (CVE-2023-38407,bsc#1216899,https://github.com/FRRouting/frr/pull/12956/commits/ab362eae68edec12c175d9bc488bcc3f8b73d36f)
[+ 0017-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch]
- Apply upstream fix for an nlri length of zero mishandling, aka
"flowspec overflow" (CVE-2023-38406,bsc#1216900,https://github.com/FRRouting/frr/pull/12884/commits/0b999c886e241c52bd1f7ef0066700e4b618ebb3)
[+ 0018-bgpd-Flowspec-overflow-issue.patch]
* Mon Oct 30 2023 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for a crash due to a crafted BGP UPDATE message
(CVE-2023-46753,bsc#1216626,https://github.com/FRRouting/frr/pull/14655/commits/21418d64af11553c402f932b0311c812d98ac3e4).
[+ 0013-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch]
- Apply upstream fix for a crash due to mishandled malformed
MP_REACH_NLRI data (CVE-2023-46752,bsc#1216627,https://github.com/FRRouting/frr/pull/14645/commits/b08afc81c60607a4f736f418f2e3eb06087f1a35).
[+ 0014-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch]
* Tue Sep 12 2023 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for NULL pointer dereference due to processing
of malformed requests with no attributes in bgp_nlri_parse_flowspec
(CVE-2023-41909,bsc#1215065,https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8).
[+ 0012-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch]
* Wed Aug 30 2023 Marius Tomaschewski <mt@suse.com>
- Removed protobuf-c BuildRequires (source package name) breaking
build-system setup with libprotobuf-c-devel 1.3.2 updates.
- Apply upstream fix for bgpd: Don't read initial byte of the ORF
header in an ahead-of-stream situation (CVE-2023-41360,
bsc#1214739,https://github.com/FRRouting/frr/pull/14245)
[+ 0008-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch]
- Apply upstream fix for bgpd: Do not process NLRIs if the attribute
length is zero (CVE-2023-41358,bsc#1214735,
https://github.com/FRRouting/frr/pull/14260)
[+ 0009-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch]
- Apply upstream fix bgpd: Use treat-as-withdraw for tunnel encapsulation
attribute instead of session reset (CVE-2023-38802,bsc#1213284,
https://github.com/FRRouting/frr/pull/14290)
[+ 0010-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch]
- Apply upstream fix babeld: avoid infinite loops (CVE-2023-3748,bsc#1213434,
gh#FRRouting/frr#11808,https://github.com/FRRouting/frr/pull/12952)
[+ 0011-babeld-fix-11808-to-avoid-infinite-loops.patch]
* Mon May 15 2023 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for denial of service via the bgp_capability_llgr()
function (bsc#1211248,CVE-2023-31489,gh#FRRouting/frr#13098).
[+ 0006-bgpd-Check-7-bytes-for-Long-lived-Graceful-Restart-c.patch]
- Apply upstream fix for denial of service via the bgp_attr_psid_sub()
function (bsc#1211249,CVE-2023-31490,gh#FRRouting/frr#13099).
[+ 0007-bgpd-Ensure-stream-received-has-enough-data.patch]
* Mon Apr 03 2023 Marius Tomaschewski <mt@suse.com>
- Enable pim6d providing PIMv6 support (bsc#1206234)
* Fri Jan 13 2023 Stefan Schubert <schubi@suse.com>
- Migration of PAM settings to /usr/lib/pam.d.
* Fri Nov 11 2022 Marius Tomaschewski <mt@suse.com>
- Migration to /usr/etc: Conditionally moved /etc/logrotate.d/frr
file to vendor specific directory /usr/etc/logrotate.d and added
saving of user changed configuration files in /etc and restoring
them while an RPM update.
- Declare root as sufficient also in the pam account verification;
without vtysh use causes to log a pam frr:account warnings
(https://github.com/FRRouting/frr/pull/12308)
[+ 0005-root-ok-in-account-frr.pam.patch]
- Applied fix removing a not needed backslash causing to log a warning
(https://github.com/FRRouting/frr/pull/12307)
[+ 0004-tools-remove-backslash-from-declare-check-regex.patch]
- Applied upstream fixes for frrinit.sh to avoid a privilege escalation
from frr to root in frr config creation (bsc#1204124,CVE-2022-42917,
https://github.com/FRRouting/frr/pull/12157).
[+ 0003-tools-Run-as-FRR_USER-install-chown-commands-to-avoi.patch]
- Removed obsolete patches provided in the 8.4 source archive:
[- 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch,
- 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch,
- 0005-isisd-fix-router-capability-TLV-parsing-issues.patch,
- 0006-isisd-fix-10505-using-base64-encoding.patch,
- 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch,
- 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch]
- Update to version 8.4, see https://frrouting.org/release/8.4/
* New BGP command (neighbor PEER soo) to configure SoO to prevent
routing loops and suboptimal routing on dual-homed sites.
* Command debug bgp allow-martian replaced to bgp allow-martian-nexthop
because previously we allowed using martian next-hops when debug is
turned on.
* Implement BGP Prefix Origin Validation State Extended Community rfc8097
* Implement Route Leak Prevention and Detection Using Roles in UPDATE
and OPEN Messages rfc9234
* BMP L3VPN support
* PIMv6 support
* MLD support
* New command to enable using reserved IPv4 ranges as normal addresses
for BGP next-hops, interface addresses, etc.
* As usual, lots of bugs and memory leaks were fixed \m/
such as a fix for a possible use-after-free due to a race
condition related to bgp_notify_send_with_data() and
bgp_process_packet() in bgp_packet.c. This could lead to
Remote Code Execution or Information Disclosure by sending
crafted BGP packets (CVE-2022-37035,bsc#1202085).
- Update to version 8.3, see https://frrouting.org/release/8.3/
* Notification Message support for BGP Graceful Restart
* BGP Cease Notification Subcode For BFD
* Send Hold Timer for BGP
* RFC5424 syslog support
* PIM passive command
- Update to version 8.2.2, see https://frrouting.org/release/8.2.2/
* BGP Long-lived graceful restart capability
* BGP Extended Optional Parameters Length for BGP OPEN Message
* BGP Extended BGP Administrative Shutdown Communication
* IS-IS Link State Traffic Engineering support
* OSPFv3 Support for NSSA Type-7 address ranges
* PBR VLAN actions support
* Mon Sep 05 2022 Marius Tomaschewski <mt@suse.com>
- Apply upstream fix for out-of-bounds read in the BGP daemon
that may lead to information disclosure or denial of service
(bsc#1202023,CVE-2022-37032)
[+ 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch]
- Apply upstream fix for a memory leak in the IS-IS daemon that
may lead to server memory exhaustion (bsc#1202022,CVE-2019-25074)
[+ 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch]
* Thu Mar 17 2022 Dominique Leuenberger <dimstar@opensuse.org>
- Make build a bit cheaper: do only BuildRequire the primary python
interpreter and its modules (python3-FOO) instead of all
available versions as done using %{python_module FOO}
* Mon Feb 28 2022 Marius Tomaschewski <mt@suse.com>
- Apply fix for a buffer overflow in isisd due to the use of strdup
with a non-zero-terminated binary string (bsc#1196506,CVE-2022-26126)
[+ 0006-isisd-fix-10505-using-base64-encoding.patch]
- Apply fix for a buffer overflow in isisd due to wrong checks on
the input packet length (bsc#1196505,CVE-2022-26125) with workaround
for the GIT binary patch to tests/isisd/test_fuzz_isis_tlv_tests.h.gz
[+ 0005-isisd-fix-router-capability-TLV-parsing-issues.patch]
- Apply fix for a buffer overflow in babeld due to wrong checks on
the input packet length in the packet_examin and subtlv parsing
(bsc#1196504,bsc#1196507,CVE-2022-26128,CVE-2022-26129)
[+ 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch]
- Apply fix for a heap buffer overflow in babeld due to missing check
on the input packet length (bsc#1196503,CVE-2022-26127)
[+ 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch]
* Thu Dec 09 2021 Johannes Segitz <jsegitz@suse.com>
- Add ReadWritePaths=/etc/frr to harden_frr.service.patch (bsc#1181400).
* Wed Nov 17 2021 Linnaea Lavia <linnaea@lavia.moe>
- Update to version 8.1
* Graceful Restart for OSPFv2 and OSPFv3
* OSPFv3 NSSA and NSSA-TSA support
* OSPFv3 ASBR Summarisation Support
* BGP SRv6 and Prefix-SID Type 5 improvements
* BGP EVPN type-5 gateway IP overlay Index
* Lua hook support
* See: https://frrouting.org/release/8.1/
* Fri Oct 15 2021 Johannes Segitz <jsegitz@suse.com>
- Drop ProtectClock hardening, can cause issues if other device acceess is needed
* Sat Oct 09 2021 Linnaea Lavia <linnaea@lavia.moe>
- Update to version 8.0.1
* refreshed patch:
- 0001-disable-zmq-test.patch
- harden_frr.service.patch
* LDP gained SNMP support
* OSPFv3 gained VRF support
* EVPN Multihoming is now fully supported
* TI-LFA implemented in IS-IS and OSPS
* New Segment Routing daemon
* See: https://frrouting.org/release/8.0/
and https://github.com/FRRouting/frr/releases/tag/frr-8.0.1
* Thu Sep 16 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_frr.service.patch
* Fri Apr 23 2021 Marius Tomaschewski <mt@suse.com>
- Use skip, not xfail in 0001-disable-zmq-test.patch to disable
zmq test as it is not expected to fail but hangs (bsc#1180217)
* Thu Mar 04 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 7.5.1
* Maintenance release
See: https://github.com/FRRouting/frr/blob/stable/7.5/changelog-auto.in
* Fri Jan 08 2021 olaf@aepfle.de
- Requires libyang 1.0.184
/usr/include/frr /usr/include/frr/admin_group.h /usr/include/frr/affinitymap.h /usr/include/frr/agg_table.h /usr/include/frr/asn.h /usr/include/frr/assert.h /usr/include/frr/atomlist.h /usr/include/frr/base64.h /usr/include/frr/bfd.h /usr/include/frr/bfdd /usr/include/frr/bfdd/bfddp_packet.h /usr/include/frr/bitfield.h /usr/include/frr/buffer.h /usr/include/frr/checksum.h /usr/include/frr/command.h /usr/include/frr/command_graph.h /usr/include/frr/command_match.h /usr/include/frr/compiler.h /usr/include/frr/cspf.h /usr/include/frr/csv.h /usr/include/frr/darr.h /usr/include/frr/db.h /usr/include/frr/debug.h /usr/include/frr/defaults.h /usr/include/frr/distribute.h /usr/include/frr/eigrpd /usr/include/frr/eigrpd/eigrp_dump.h /usr/include/frr/eigrpd/eigrp_topology.h /usr/include/frr/eigrpd/eigrpd.h /usr/include/frr/ferr.h /usr/include/frr/filter.h /usr/include/frr/flex_algo.h /usr/include/frr/freebsd-queue.h /usr/include/frr/frr_pthread.h /usr/include/frr/frr_zmq.h /usr/include/frr/frratomic.h /usr/include/frr/frrcu.h /usr/include/frr/frrdistance.h /usr/include/frr/frrevent.h /usr/include/frr/frrlua.h /usr/include/frr/frrscript.h /usr/include/frr/frrsendmmsg.h /usr/include/frr/frrstr.h /usr/include/frr/graph.h /usr/include/frr/hash.h /usr/include/frr/hook.h /usr/include/frr/iana_afi.h /usr/include/frr/id_alloc.h /usr/include/frr/if.h /usr/include/frr/if_rmap.h /usr/include/frr/imsg.h /usr/include/frr/ipaddr.h /usr/include/frr/iso.h /usr/include/frr/jhash.h /usr/include/frr/json.h /usr/include/frr/keychain.h /usr/include/frr/ldp_sync.h /usr/include/frr/lib_errors.h /usr/include/frr/lib_vty.h /usr/include/frr/libfrr.h /usr/include/frr/libfrr_trace.h /usr/include/frr/libospf.h /usr/include/frr/link_state.h /usr/include/frr/linklist.h /usr/include/frr/log.h /usr/include/frr/log_vty.h /usr/include/frr/md5.h /usr/include/frr/memory.h /usr/include/frr/mgmt.pb-c.h /usr/include/frr/mgmt_be_client.h /usr/include/frr/mgmt_defines.h /usr/include/frr/mgmt_fe_client.h /usr/include/frr/mgmt_msg.h /usr/include/frr/mgmt_msg_native.h /usr/include/frr/mgmt_pb.h /usr/include/frr/mlag.h /usr/include/frr/module.h /usr/include/frr/monotime.h /usr/include/frr/mpls.h /usr/include/frr/network.h /usr/include/frr/nexthop.h /usr/include/frr/nexthop_group.h /usr/include/frr/nexthop_group_private.h /usr/include/frr/northbound.h /usr/include/frr/northbound_cli.h /usr/include/frr/northbound_db.h /usr/include/frr/ns.h /usr/include/frr/openbsd-queue.h /usr/include/frr/openbsd-tree.h /usr/include/frr/ospfapi /usr/include/frr/ospfapi/ospf_apiclient.h /usr/include/frr/ospfd /usr/include/frr/ospfd/ospf_api.h /usr/include/frr/ospfd/ospf_asbr.h /usr/include/frr/ospfd/ospf_dump.h /usr/include/frr/ospfd/ospf_dump_api.h /usr/include/frr/ospfd/ospf_ism.h /usr/include/frr/ospfd/ospf_lsa.h /usr/include/frr/ospfd/ospf_lsdb.h /usr/include/frr/ospfd/ospf_nsm.h /usr/include/frr/ospfd/ospf_opaque.h /usr/include/frr/ospfd/ospfd.h /usr/include/frr/pbr.h /usr/include/frr/plist.h /usr/include/frr/prefix.h /usr/include/frr/printfrr.h /usr/include/frr/privs.h /usr/include/frr/ptm_lib.h /usr/include/frr/pullwr.h /usr/include/frr/pw.h /usr/include/frr/qobj.h /usr/include/frr/queue.h /usr/include/frr/resolver.h /usr/include/frr/ringbuf.h /usr/include/frr/route_opaque.h /usr/include/frr/route_types.h /usr/include/frr/routemap.h /usr/include/frr/routing_nb.h /usr/include/frr/sbuf.h /usr/include/frr/segment_routing.h /usr/include/frr/seqlock.h /usr/include/frr/sha256.h /usr/include/frr/sigevent.h /usr/include/frr/skiplist.h /usr/include/frr/smux.h /usr/include/frr/sockopt.h /usr/include/frr/sockunion.h /usr/include/frr/spf_backoff.h /usr/include/frr/srcdest_table.h /usr/include/frr/srte.h /usr/include/frr/srv6.h /usr/include/frr/stream.h /usr/include/frr/systemd.h /usr/include/frr/table.h /usr/include/frr/tc.h /usr/include/frr/termtable.h /usr/include/frr/trace.h /usr/include/frr/typerb.h /usr/include/frr/typesafe.h /usr/include/frr/vector.h /usr/include/frr/version.h /usr/include/frr/vlan.h /usr/include/frr/vrf.h /usr/include/frr/vrf_int.h /usr/include/frr/vty.h /usr/include/frr/vxlan.h /usr/include/frr/wheel.h /usr/include/frr/workqueue.h /usr/include/frr/xref.h /usr/include/frr/yang.h /usr/include/frr/yang_translator.h /usr/include/frr/yang_wrappers.h /usr/include/frr/zclient.h /usr/include/frr/zebra.h /usr/include/frr/zlog.h /usr/include/frr/zlog_5424.h /usr/include/frr/zlog_live.h /usr/include/frr/zlog_targets.h /usr/lib/libfrr.so /usr/lib/libfrr_pb.so /usr/lib/libfrrcares.so /usr/lib/libfrrfpm_pb.so /usr/lib/libfrrospfapiclient.so /usr/lib/libfrrsnmp.so /usr/lib/libfrrzmq.so /usr/lib/libmgmt_be_nb.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Sep 16 00:42:55 2024