CERT have published their Vulnerability Report for the VPNv4 security issue:

https://www.kb.cert.org/vuls/id/270232

regards,

Paul

On Thu, 10 Mar 2016, Donald Sharp wrote:

Quagga 1.0.20160309 has been released.


This release addresses Security Vulnerability VU #270232.

Users using VPNv4 to untrusted peers and zebra that have

untrusted clients talking to it are advised to upgrade to

this release.


This release is up on Savannah or download at:


http://download.savannah.gnu.org/releases/quagga

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.gz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.xz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.asc


If you encounter a “404” error, Savannah mirrors are probably

still synchronizing the files, please give it another day.


Major user-visible changes:

[quagga] - Namespace VRF Support has been added.

[lib] - Add 'show commandtree'

[bgpd] - vpnv4 and vpnv6 handling has been included.

[bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.

[bgpd] - Addition of 'show ip bgp dampening' command tree.

[bgpd] - If route-map does not exist default to DENY for redistribute
statements

[bgpd] - Lower default 'timers connect' in BGP to 10 seconds.

[bgpd] - Enable "bgp log-neighbor-changes" by default

[bgpd] - Add support for timer commands with peer-group syntax

[bgpd] - Extend Dump to allow Extended Time Format

[babeld] - Removed from the distribution.

[isisd] - Allow the adjustment of lsp-mtu

[isisd] - Allow the import of routes from other protocols

[ospfd] - Add per interface 'ip ospf area' command

[ospfd] - Lower the default OSPF spf timers to '0 50 5000'

[ripngd] - Add ECMP support

[pimd] - Add multicast static routes.

[pimd] - Add ability to set DR priority for an interface

[pimd] - Add ability to modify hello and hold timers per interface

[vtysh] - Add 'show thread cpu ..' and 'show work-queues'

[vtysh] - Add 'show run <protocol>' command

[vtysh] - Fix history handling

[solaris] - Fix compilation issues.


Distributor-visible changes:

--enable-opaque-lsa is removed.  This is considered industry

 default and there should be no need to specify at compile time

 to include this feature


--enable-ospf-te is removed.  This is considered industry

 default and there should be no need to specify at compile time

 to include this feature


--enable-pimd is default.  This will allow compile time issues

 to be caught before they become a problem


--enable-vtysh is default.  This will allow compile time issues

 to be caught before they become a problem


--enable-werror has been added.  If turned on, compilation will

 turn all warnings into errors


--enable-babeld has been removed.  The babel daemon has been

 removed from Quagga distribution.


Thanks!


donald


--
Paul Jakma      [email protected]  @pjakma Key ID: 64A2FF6A
Fortune:
Big book, big bore.
                -- Callimachus
_______________________________________________
Quagga-dev mailing list
[email protected]
https://lists.quagga.net/mailman/listinfo/quagga-dev

Reply via email to