diff options
-rw-r--r-- | debian/changelog | 10 | ||||
-rw-r--r-- | debian/control | 2 | ||||
-rw-r--r-- | debian/frr-doc.doc-base | 23 | ||||
-rw-r--r-- | debian/patches/CVE-2024-27913.patch | 34 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rwxr-xr-x | debian/rules | 1 |
6 files changed, 35 insertions, 36 deletions
diff --git a/debian/changelog b/debian/changelog index 108c215..d16afb0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +frr (10.0-0.1) unstable; urgency=medium + + * Non-maintainer upload. + * New upstream release. + * Bumping libyang2 build-depends to required version. + * Removing CVE-2024-27913.patch, included upstream. + * Adding now explicit configure flag to keep enabled building zebra_irdp. + + -- Daniel Baumann <daniel.baumann@progress-linux.org> Sat, 27 Apr 2024 05:46:52 +0200 + frr (9.1-0.1) unstable; urgency=high * Non-maintainer upload. diff --git a/debian/control b/debian/control index 66961f3..94cbf05 100644 --- a/debian/control +++ b/debian/control @@ -23,7 +23,7 @@ Build-Depends: bison, librtr-dev (>= 0.8.0~) <!pkg.frr.nortrlib>, libsnmp-dev, libssh-dev <!pkg.frr.nortrlib>, - libyang2-dev, + libyang2-dev (>= 2.1.128), pkgconf | pkg-config, protobuf-c-compiler, python3:native, diff --git a/debian/frr-doc.doc-base b/debian/frr-doc.doc-base new file mode 100644 index 0000000..af960e3 --- /dev/null +++ b/debian/frr-doc.doc-base @@ -0,0 +1,23 @@ +Document: frr +Title: FRRouting user manual +Abstract: General user/operator description for the FRRouting suite of + routing protocol daemons. +Section: Network/Communication + +Format: HTML +Index: /usr/share/doc/frr/html/index.html +Files: /usr/share/doc/frr/html/* + +Format: info +Index: /usr/share/info/frr.info.gz +Files: + /usr/share/info/frr.info.gz + /usr/share/info/frr-figures/fig-normal-processing.png + /usr/share/info/frr-figures/fig-rs-processing.png + /usr/share/info/frr-figures/fig-vnc-commercial-route-reflector.png + /usr/share/info/frr-figures/fig-vnc-frr-route-reflector.png + /usr/share/info/frr-figures/fig-vnc-gw.png + /usr/share/info/frr-figures/fig-vnc-mesh.png + /usr/share/info/frr-figures/fig-vnc-redundant-route-reflectors.png + /usr/share/info/frr-figures/fig_topologies_full.png + /usr/share/info/frr-figures/fig_topologies_rs.png diff --git a/debian/patches/CVE-2024-27913.patch b/debian/patches/CVE-2024-27913.patch deleted file mode 100644 index 0db69fd..0000000 --- a/debian/patches/CVE-2024-27913.patch +++ /dev/null @@ -1,34 +0,0 @@ -commit aae54e20498974cb026bd0e2649ca3e753090492 -Author: Olivier Dugeon <olivier.dugeon@orange.com> -Date: Mon Feb 26 10:40:34 2024 +0100 - - ospfd: Solved crash in OSPF TE parsing - - Iggy Frankovic discovered an ospfd crash when perfomring fuzzing of OSPF LSA - packets. The crash occurs in ospf_te_parse_te() function when attemping to - create corresponding egde from TE Link parameters. If there is no local - address, an edge is created but without any attributes. During parsing, the - function try to access to this attribute fields which has not been created - causing an ospfd crash. - - The patch simply check if the te parser has found a valid local address. If not - found, we stop the parser which avoid the crash. - - Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com> - (cherry picked from commit a73e66d07329d721f26f3f336f7735de420b0183) - -diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c -index d203b5ef4..1a01bf77b 100644 ---- a/ospfd/ospf_te.c -+++ b/ospfd/ospf_te.c -@@ -2245,6 +2245,10 @@ static int ospf_te_parse_te(struct ls_ted *ted, struct ospf_lsa *lsa) - } - - /* Get corresponding Edge from Link State Data Base */ -+ if (IPV4_NET0(attr.standard.local.s_addr) && !attr.standard.local_id) { -+ ote_debug(" |- Found no TE Link local address/ID. Abort!"); -+ return -1; -+ } - edge = get_edge(ted, attr.adv, attr.standard.local); - old = edge->attributes; - diff --git a/debian/patches/series b/debian/patches/series deleted file mode 100644 index d43093e..0000000 --- a/debian/patches/series +++ /dev/null @@ -1 +0,0 @@ -CVE-2024-27913.patch diff --git a/debian/rules b/debian/rules index d833ec5..d35ee12 100755 --- a/debian/rules +++ b/debian/rules @@ -56,6 +56,7 @@ override_dh_auto_configure: --with-libpam \ --enable-doc \ --enable-doc-html \ + --enable-irdp \ --enable-snmp \ --enable-fpm \ --disable-protobuf \ |