[Bug 1951834] Re: [MIR]: frr
Override component to main
frr 8.1-1 in jammy amd64: universe/net/optional/100% -> main
frr 8.1-1 in jammy arm64: universe/net/optional/100% -> main
frr 8.1-1 in jammy armhf: universe/net/optional/100% -> main
frr 8.1-1 in jammy ppc64el: universe/net/optional/100% -> main
frr 8.1-1 in jammy riscv64: universe/net/optional/100% -> main
frr 8.1-1 in jammy s390x: universe/net/optional/100% -> main
6 publications overridden.

Override component to main
frr 8.1-1 in jammy: universe/misc -> main
frr 8.1-1 in jammy amd64: main/net/optional/100% -> main
frr 8.1-1 in jammy amd64: universe/net/optional/100% -> main
frr 8.1-1 in jammy arm64: main/net/optional/100% -> main
frr 8.1-1 in jammy arm64: universe/net/optional/100% -> main
frr 8.1-1 in jammy armhf: main/net/optional/100% -> main
frr 8.1-1 in jammy armhf: universe/net/optional/100% -> main
frr 8.1-1 in jammy ppc64el: main/net/optional/100% -> main
frr 8.1-1 in jammy ppc64el: universe/net/optional/100% -> main
frr 8.1-1 in jammy riscv64: main/net/optional/100% -> main
frr 8.1-1 in jammy riscv64: universe/net/optional/100% -> main
frr 8.1-1 in jammy s390x: main/net/optional/100% -> main
frr 8.1-1 in jammy s390x: universe/net/optional/100% -> main
frr-doc 8.1-1 in jammy amd64: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy arm64: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy armhf: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy i386: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy ppc64el: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy riscv64: universe/doc/optional/100% -> main
frr-doc 8.1-1 in jammy s390x: universe/doc/optional/100% -> main
frr-pythontools 8.1-1 in jammy amd64: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy arm64: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy armhf: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy i386: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy ppc64el: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy riscv64: universe/net/optional/100% -> main
frr-pythontools 8.1-1 in jammy s390x: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy amd64: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy arm64: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy armhf: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy ppc64el: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy riscv64: universe/net/optional/100% -> main
frr-rpki-rtrlib 8.1-1 in jammy s390x: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy amd64: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy arm64: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy armhf: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy ppc64el: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy riscv64: universe/net/optional/100% -> main
frr-snmp 8.1-1 in jammy s390x: universe/net/optional/100% -> main
frr 8.1-1 in jammy amd64 remained the same
frr 8.1-1 in jammy arm64 remained the same
frr 8.1-1 in jammy armhf remained the same
frr 8.1-1 in jammy ppc64el remained the same
frr 8.1-1 in jammy riscv64 remained the same
frr 8.1-1 in jammy s390x remained the same
33 publications overridden; 6 publications remained the same.

** Changed in: frr (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951834

Title:
  [MIR]: frr

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951834] Re: [MIR]: frr
Archive Admin, please promote src:frr and these binary packages to main:
frr
frr-pythontools (pulled in by frr via Recommends)

Note libyang2 will be pulled in as well, and its MIR (#1958293) was completed and ACKed.

Leave in universe:
frr-snmp
frr-rpki-rtrlib (uses a library that is still in universe)
frr-doc (or not, whatever happens automatically)

frr-snmp I decided to not promote:
- there are quite a large number of bugs filed in the upstream tracker with "snmp" in them that are still open (https://github.com/FRRouting/frr/issues?page=2=is%3Aissue+is%3Aopen+snmp)
- the upstream documentation warns that it can be a firehose and lead to crashes and hangs[1] if abused
- snmp is usually hard to troubleshoot, and can be a security nightmare
- it's easier to promote it to main later if deemed necessary, than to demote it after it has been in main in a release

frr was given a special consideration by the security team (see comment #10) and didn't go through the usual security review process. This plus all the above made me decide to keep frr-snmp in universe for now.

1. http://docs.frrouting.org/en/latest/snmp.html
[Bug 1951834] Re: [MIR]: frr
** Merge proposal linked:
   https://code.launchpad.net/~ahasenack/ubuntu-seeds/+git/platform/+merge/415918
[Bug 1951834] Re: [MIR]: frr
The libyang2 MIR[1] got an ACK from security

1. https://bugs.launchpad.net/ubuntu/+source/libyang2/+bug/1958293
[Bug 1951834] Re: [MIR]: frr
Everything resolved - in the MIR meeting we decided today that for this special case no security re-review is needed.
Setting to "in progress" to reflect that it is ready. But it has to wait on libyang2 still to fully be ready.

** Changed in: frr (Ubuntu)
     Assignee: Didier Roche (didrocks) => (unassigned)

** Changed in: frr (Ubuntu)
       Status: Incomplete => In Progress
[Bug 1951834] Re: [MIR]: frr
Seeding is here:

$ grep -Hrn quagga platform-git ubuntu-git/
platform-git/supported-misc-servers:175: * quagga # RobertCollins

Therefore this is what we will change to promote FRR and demote quagga at the same time.
[Bug 1951834] Re: [MIR]: frr
This is requested by security to be in Jammy for reasonable long term support of the routing daemon.
Setting prio critical and milestone to jammy-FF

** Changed in: frr (Ubuntu)
    Milestone: ubuntu-22.01 => ubuntu-22.04-feature-freeze

** Changed in: frr (Ubuntu)
   Importance: Undecided => Critical
[Bug 1951834] Re: [MIR]: frr
At least it's fixed upstream. I'll address the remaining points next week, as I'm on +1 maintenance this week.
[Bug 1951834] Re: [MIR]: frr
Yeah, I don't think that's worth a delta. My general annoyance with this is that when you start having some warnings/errors in a project during build, you start accepting more and more of them until it's not readable and you miss a valid concern. This is why I tend to patch and add either a linter stanza with explanation or fix the issue to keep something "clean".
[Bug 1951834] Re: [MIR]: frr
I wonder if it's worth adding a delta with debian for this strncmp() fix, though. The upstream patch switches to strcmp(), arguing that these buffers are always null terminated. In that case, even the incorrect size_t parameter for strncmp() (source of the warning) won't matter, as the comparison will always stop at the \0.
[Bug 1951834] Re: [MIR]: frr
For the strncmp() warnings, I filed an upstream bug[1] and it was promptly fixed. I also filed a LP bug for me to fix it in Ubuntu, and forward to Debian.

1. https://github.com/FRRouting/frr/issues/10484
2. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1959896

** Bug watch added: github.com/FRRouting/frr/issues #10484
   https://github.com/FRRouting/frr/issues/10484
[Bug 1951834] Re: [MIR]: frr
> specified bound depends on the length of the source argument [-Wstringop-truncation]

I believe the strncpy warning can be ignored because the buffer was reallocated using that size just before:

    #include <assert.h>
    #include <stdlib.h>
    #include <string.h>

    /* Append repr to the heap string *buf, growing it first. */
    static void str_append(char **buf, const char *repr)
    {
        if (*buf) {
            /* Grow to hold the old contents, repr and the terminating NUL. */
            *buf = realloc(*buf, strlen(*buf) + strlen(repr) + 1);
            assert(*buf);
            /* Copy repr including its NUL to the end of the old contents. */
            strncpy((*buf) + strlen(*buf), repr, strlen(repr) + 1);
        } else {
            *buf = strdup(repr);
            assert(*buf);
        }
    }

And we are copying into the middle of the reallocated buffer, not its start. Furthermore, this is test code.
[Bug 1951834] Re: [MIR]: frr
> * It is on the lto-disabled list. Fix, or the work-around should be directly in the package.

Good catch. I checked and it was incorrectly added to that list, and filed a bug to remove it: https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1959838
[Bug 1951834] Re: [MIR]: frr
[Summary]
Thanks a lot Andreas for the detailed and high quality MIR, with relevant researches and background information. I was first tempted to diff between quagga and frr to do a quick assessment. However, there are too many differences to avoid doing a full package check.

Here are my findings: I can't give a definitive ack right now until those questions are answered and some few fixes:

Notes/required TODOs:
* does it need a security review in your opinion? Like, since the first MIR security assessment, a lot of time has passed. Is this the opportunity to benefit from another review or do you think the overall diff from the first MIR in term of security handling is small enough to not justify having a new one?
* can you give the exact list of binary packages to promote? You mentioned for instance to keep frr-rpki-rtrlib in universe to avoid pulling librtr to main. I think the definitive will help on the AA side.
* It is on the lto-disabled list. Fix, or the work-around should be directly in the package.
* There are some compiler warnings in the build logs. This is maybe the right time to get them fixed?
* finally, once this is promoted, how do we explicitly demote quagga? I don't find it in the seed. What is going to be uploaded to switch to frr?

[Duplication]
Fork of quagga, will replace it and the first one will be demoted.

[Dependencies]
OK:
- no -dev/-debug/-doc packages that need exclusion
- No dependencies in main that are only superficially tested requiring more tests now.

Problems:
- new dependencies in main, libyang2: https://launchpad.net/ubuntu/+source/libyang2 #1958293

[Embedded sources and static linking]
OK:
- no embedded source present
- no static linking
- does not have odd Built-Using entries

[Security]
OK:
- history of CVEs is expected for this kind of daemon and usage, It does not look concerning
- does not use webkit1,2
- does not use lib*v8 directly
- does not parse data formats
- does not open a port/socket
- does not process arbitrary web content
- does not use centralized online accounts
- does not integrate arbitrary javascript into the desktop
- does not deal with system authentication (eg, pam), etc)
- does not deal with security attestation (secure boot, tpm, signatures)

Problems:
- one daemon runs as root, as explained in the description

[Common blockers]
OK:
- does not FTBFS currently
- does have a test suite that runs at build time
- test suite fails will fail the build upon error from the MIR description. Note that the summary mentions "TOTAL: 0"
- does have a non-trivial test suite that runs as autopkgtest
- no new python2 dependency

[Packaging red flags]
OK:
- Ubuntu does not carry a delta
- symbols tracking not applicable for this kind of code.
- d/watch is present and looks ok (if needed, e.g. non-native)
- Upstream update history is good
- Debian/Ubuntu update history is good
- the current release is packaged
- promoting this does not seem to cause issues for MOTUs that so far maintained the package
- no massive Lintian warnings (rather pedantic ones)
- d/rules is rather clean

Problems:
- It is on the lto-disabled list. Fix, or the work-around should be directly in the package,

[Upstream red flags]
OK:
- no incautious use of malloc/sprintf (as far as we can check it)
- no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests)
- no use of user nobody
- no important open bugs (crashers, etc) in Debian or Ubuntu
- no dependency on webkit, qtwebkit, seed or libgoa-*
- not part of the UI for extra checks

Problems:
* Some warnings during build logs:

bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
   60 |         return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
      |                 ^~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
   43 |         return (strncmp(ca1->community, ca2->community,
      |                 ^~~
   44 |                         sizeof(struct community_alias))
      |                         ~~~
In file included from /usr/include/string.h:519,
                 from ./lib/zebra.h:38,
                 from tests/lib/test_nexthop_iter.c:25:
In function ‘strncpy’,
    inlined from ‘str_append’ at tests/lib/test_nexthop_iter.c:37:3,
    inlined from ‘str_appendf’ at tests/lib/test_nexthop_iter.c:55:2:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation]
   95 |   return __builtin___strncpy_chk (__dest, __src, __len,
      |
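The two strncmp warnings listed above, and the strcmp reasoning in the reply further up this page, come down to one thing: the bound passed to strncmp was sizeof the whole struct rather than the field being compared. Added example, not FRR's code: it models the struct with field sizes assumed from the warning text (36 and 8192 bytes, which sum to the 8228 bound) and shows the original compare, the upstream strcmp fix, and a field-bounded variant that stays well defined even for an alias that has lost its terminator.

```c
/* Added example modelling the -Wstringop-overread warnings from
 * bgpd/bgp_community_alias.c.  Not FRR's code: the field sizes are
 * assumed from "source size 36" / "source size 8192" in the warning,
 * which makes sizeof(struct community_alias) the reported 8228. */
#include <stdio.h>
#include <string.h>

#define COMMUNITY_LEN 36    /* assumed size of the community[] field */
#define ALIAS_LEN     8192  /* assumed size of the alias[] field */

struct community_alias {
    char community[COMMUNITY_LEN];
    char alias[ALIAS_LEN];
};

/* Original shape: the bound is the size of the whole struct, larger than
 * the field.  It answers correctly only because both strings are
 * NUL-terminated, which is exactly what gcc is pointing out. */
static int alias_equal_oversized(const struct community_alias *a,
                                 const struct community_alias *b)
{
    return strncmp(a->alias, b->alias, sizeof(struct community_alias)) == 0;
}

/* Upstream fix: plain strcmp, relying on the guaranteed NUL termination. */
static int alias_equal_fixed(const struct community_alias *a,
                             const struct community_alias *b)
{
    return strcmp(a->alias, b->alias) == 0;
}

/* Field-bounded variant: strncmp stops after sizeof(alias) bytes, so a
 * buffer that lost its terminator can never be read past the field. */
static int alias_equal_bounded(const struct community_alias *a,
                               const struct community_alias *b)
{
    return strncmp(a->alias, b->alias, sizeof(a->alias)) == 0;
}

/* Fill a struct with properly terminated strings (constructed input). */
static void alias_set(struct community_alias *ca, const char *community,
                      const char *alias)
{
    memset(ca, 0, sizeof(*ca));
    snprintf(ca->community, sizeof(ca->community), "%s", community);
    snprintf(ca->alias, sizeof(ca->alias), "%s", alias);
}

/* Compare two terminated aliases with all three variants.  Returns 1 if
 * all say "equal", 0 if all say "different", -1 if they disagree (which
 * cannot happen for terminated input: every variant stops at the NUL). */
static int alias_compare_agree(const char *x, const char *y)
{
    struct community_alias a, b;
    int o, f, d;

    alias_set(&a, "65000:100", x);
    alias_set(&b, "65000:100", y);
    o = alias_equal_oversized(&a, &b);
    f = alias_equal_fixed(&a, &b);
    d = alias_equal_bounded(&a, &b);
    return (o == f && f == d) ? o : -1;
}

/* Worst case for a bounded compare: both alias fields full of 'A' with no
 * terminator.  The field bound keeps this well defined; the strcmp and
 * struct-sized variants would read beyond the field here, so they are
 * deliberately not called on this input. */
static int unterminated_bounded_equal(void)
{
    struct community_alias a, b;

    memset(&a, 'A', sizeof(a));
    memset(&b, 'A', sizeof(b));
    return alias_equal_bounded(&a, &b);
}

int main(void)
{
    printf("sizeof(struct community_alias) = %zu\n",
           sizeof(struct community_alias));
    printf("transit vs transit: %d\n", alias_compare_agree("transit", "transit"));
    printf("transit vs peer:    %d\n", alias_compare_agree("transit", "peer"));
    printf("unterminated, field-bounded: %d\n", unterminated_bounded_equal());
    return 0;
}
```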
[Bug 1951834] Re: [MIR]: frr
** Changed in: frr (Ubuntu)
     Assignee: (unassigned) => Didier Roche (didrocks)
[Bug 1951834] Re: [MIR]: frr
** Description changed:

  [Availability]
  The package frr is already in Ubuntu universe.
  The package builds for the architectures it is designed to work on.
  It currently builds and works for architetcures: amd64, arm64, armhf, ppc64el, s390x, riscv64
  Link to package: https://launchpad.net/ubuntu/+source/frr
  
  [Rationale]
  frr is a fork and replacement for quagga, which is what we have in main but is unmaintained by upstream.
  About quagga:
- - we have been carrying the same version since bionic
- - upstream's git repo is gone (http://git.savannah.gnu.org/cgit/quagga.git)
- - git mirror at https://github.com/Quagga/quagga shows last commit in 2018 (https://github.com/Quagga/quagga
- - mailing lists have crickets (https://lists.quagga.net/pipermail/quagga-users/, https://lists.quagga.net/pipermail/quagga-dev/)
+ - we have been carrying the same version since bionic
+ - upstream's git repo is gone (http://git.savannah.gnu.org/cgit/quagga.git)
+ - git mirror at https://github.com/Quagga/quagga shows last commit in 2018 (https://github.com/Quagga/quagga
+ - mailing lists have crickets (https://lists.quagga.net/pipermail/quagga-users/, https://lists.quagga.net/pipermail/quagga-dev/)
  
  The proposal is to demote quagga, and promote ffr, for jammy.
  
  [Security]
  http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=frr
  4 CVEs in older versions (jammy has 8.1)
  CVE-2017-15865 - information leak
  CVE-2017-5495 - DoS due to memleak
  CVE-2019-5892 - DoS
  CVE-2020-12831 - (disputed) info leak via an initially empty world readable config file
  
  site:www.openwall.com/lists/oss-security frr
  0 hits (the single hit was for the "frr" string in a pgp signature)
  
  Ubuntu:
  https://ubuntu.com/security/cve?q=frr
  https://ubuntu.com/security/CVE-2020-12831 needs triage: (disputed) info leak via an initially empty world readable config file
  https://ubuntu.com/security/CVE-2017-5495 only affected quagga in ubuntu it seems
  
  - no `suid` or `sgid` binaries
  - no executables in `/sbin` and `/usr/sbin`
  - Package installs services:
    /lib/systemd/system/frr.service
  
  Right after installation, one daemon runs as root, the other two as "frr":
  root     32148  0.0  0.0   7960  2892 ?        Ss   14:02   0:00 /usr/lib/frr/watchfrr -d -F traditional zebra staticd
  frr      32161  0.0  0.0 242848  7000 ?        Ssl  14:02   0:00 /usr/lib/frr/zebra -d -F traditional -A 127.0.0.1 -s 9000
  frr      32166  0.0  0.0   9256  3608 ?        Ss   14:02   0:00 /usr/lib/frr/staticd -d -F traditional -A 127.0.0.1
  
  Many more can be run depending on configuration, though.
  Default list in /etc/frr/daemons:
  bgpd=no
  ospfd=no
  ospf6d=no
  ripd=no
  ripngd=no
  isisd=no
  pimd=no
  ldpd=no
  nhrpd=no
  eigrpd=no
  babeld=no
  sharpd=no
  pbrd=no
  bfdd=no
  fabricd=no
  vrrpd=no
  pathd=no
  
  If all are enabled, we get this by default:
  frr       1033  0.0  0.0 1722872  9648 ?       Ssl  14:42   0:00 /usr/lib/frr/zebra -d -F traditional -A 127.0.0.1 -s 9000
  frr       1038  0.0  0.0 173100  9108 ?        Ssl  14:42   0:00 /usr/lib/frr/bgpd -d -F traditional -A 127.0.0.1
  frr       1045  0.0  0.0   9916  4192 ?        Ss   14:42   0:00 /usr/lib/frr/ripd -d -F traditional -A 127.0.0.1
  frr       1048  0.0  0.0   9660  3832 ?        Ss   14:42   0:00 /usr/lib/frr/ripngd -d -F traditional -A ::1
  frr       1051  0.0  0.0  11852  4900 ?        Ss   14:42   0:00 /usr/lib/frr/ospfd -d -F traditional -A 127.0.0.1
  frr       1054  0.0  0.0  10828  4632 ?        Ss   14:42   0:00 /usr/lib/frr/ospf6d -d -F traditional -A ::1
  frr       1057  0.0  0.0  11540  4884 ?        Ss   14:42   0:00 /usr/lib/frr/isisd -d -F traditional -A 127.0.0.1
  frr       1060  0.0  0.0   9388  3532 ?        Ss   14:42   0:00 /usr/lib/frr/babeld -d -F traditional -A 127.0.0.1
  frr       1063  0.0  0.0  11540  5088 ?        Ss   14:42   0:00 /usr/lib/frr/pimd -d -F traditional -A 127.0.0.1
  frr       1071  0.0  0.0   9692  5380 ?        S    14:42   0:00 /usr/lib/frr/ldpd -L -u frr -g frr
  frr       1072  0.0  0.0   9520  5376 ?        S    14:42   0:00 /usr/lib/frr/ldpd -E -u frr -g frr
  frr       1074  0.0  0.0  10288  3652 ?        Ss   14:42   0:00 /usr/lib/frr/ldpd -d -F traditional -A 127.0.0.1
  frr       1078  0.0  0.0   9968  3652 ?        Ss   14:42   0:00 /usr/lib/frr/nhrpd -d -F traditional -A 127.0.0.1
  frr       1082  0.0  0.0   9812  4000 ?        Ss   14:42   0:00 /usr/lib/frr/eigrpd -d -F traditional -A 127.0.0.1
  frr       1085  0.0  0.0   9232  3376 ?        Ss   14:42   0:00 /usr/lib/frr/pbrd -d -F traditional -A 127.0.0.1
  frr       1088  0.0  0.0   9204  3136 ?        Ss   14:42   0:00 /usr/lib/frr/staticd -d -F traditional -A 127.0.0.1
  frr       1091  0.0  0.0   9496  3596 ?        Ss   14:42   0:00 /usr/lib/frr/bfdd -d -F traditional -A 127.0.0.1
  frr       1094  0.0  0.0  10460  4052 ?        Ss
[Bug 1951834] Re: [MIR]: frr
** Changed in: frr (Ubuntu)
     Assignee: Andreas Hasenack (ahasenack) => (unassigned)

** Changed in: frr (Ubuntu)
       Status: In Progress => New
[Bug 1951834] Re: [MIR]: frr
** Description changed:

- placeholder for MIR
- 
- - frr has its roots in quagga
- - quagga is unmaintained upstream:
+ [Availability]
+ The package frr is already in Ubuntu universe.
+ The package builds for the architectures it is designed to work on.
+ It currently builds and works for architetcures: amd64, arm64, armhf, ppc64el, s390x, riscv64
+ Link to package: https://launchpad.net/ubuntu/+source/frr
+ 
+ [Rationale]
+ frr is a fork and replacement for quagga, which is what we have in main but is unmaintained by upstream.
+ About quagga:
  - we have been carrying the same version since bionic
  - upstream's git repo is gone (http://git.savannah.gnu.org/cgit/quagga.git)
  - git mirror at https://github.com/Quagga/quagga shows last commit in 2018 (https://github.com/Quagga/quagga
  - mailing lists have crickets (https://lists.quagga.net/pipermail/quagga-users/, https://lists.quagga.net/pipermail/quagga-dev/)
  
  The proposal is to demote quagga, and promote ffr, for jammy.
- I'll do the initial MIR evaluation, and thus assign this bug to me. Once
- the MIR template is filled out, I'll mark this bug as NEW again and
- unassigned.
+ [Security]
+ http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=frr
+ 4 CVEs in older versions (jammy has 8.1)
+ CVE-2017-15865 - information leak
+ CVE-2017-5495 - DoS due to memleak
+ CVE-2019-5892 - DoS
+ CVE-2020-12831 - (disputed) info leak via an initially empty world readable config file
+ 
+ site:www.openwall.com/lists/oss-security frr
+ 0 hits (the single hit was for the "frr" string in a pgp signature)
+ 
+ Ubuntu:
+ https://ubuntu.com/security/cve?q=frr
+ https://ubuntu.com/security/CVE-2020-12831 needs triage: (disputed) info leak via an initially empty world readable config file
+ https://ubuntu.com/security/CVE-2017-5495 only affected quagga in ubuntu it seems
+ 
+ - no `suid` or `sgid` binaries
+ - no executables in `/sbin` and `/usr/sbin`
+ - Package installs services:
+   /lib/systemd/system/frr.service
+ 
+ Right after installation, one daemon runs as root, the other two as "frr":
+ root     32148  0.0  0.0   7960  2892 ?        Ss   14:02   0:00 /usr/lib/frr/watchfrr -d -F traditional zebra staticd
+ frr      32161  0.0  0.0 242848  7000 ?        Ssl  14:02   0:00 /usr/lib/frr/zebra -d -F traditional -A 127.0.0.1 -s 9000
+ frr      32166  0.0  0.0   9256  3608 ?        Ss   14:02   0:00 /usr/lib/frr/staticd -d -F traditional -A 127.0.0.1
+ 
+ Many more can be run depending on configuration, though.
+ Default list in /etc/frr/daemons:
+ bgpd=no
+ ospfd=no
+ ospf6d=no
+ ripd=no
+ ripngd=no
+ isisd=no
+ pimd=no
+ ldpd=no
+ nhrpd=no
+ eigrpd=no
+ babeld=no
+ sharpd=no
+ pbrd=no
+ bfdd=no
+ fabricd=no
+ vrrpd=no
+ pathd=no
+ 
+ If all are enabled, we get this by default:
+ frr       1033  0.0  0.0 1722872  9648 ?       Ssl  14:42   0:00 /usr/lib/frr/zebra -d -F traditional -A 127.0.0.1 -s 9000
+ frr       1038  0.0  0.0 173100  9108 ?        Ssl  14:42   0:00 /usr/lib/frr/bgpd -d -F traditional -A 127.0.0.1
+ frr       1045  0.0  0.0   9916  4192 ?        Ss   14:42   0:00 /usr/lib/frr/ripd -d -F traditional -A 127.0.0.1
+ frr       1048  0.0  0.0   9660  3832 ?        Ss   14:42   0:00 /usr/lib/frr/ripngd -d -F traditional -A ::1
+ frr       1051  0.0  0.0  11852  4900 ?        Ss   14:42   0:00 /usr/lib/frr/ospfd -d -F traditional -A 127.0.0.1
+ frr       1054  0.0  0.0  10828  4632 ?        Ss   14:42   0:00 /usr/lib/frr/ospf6d -d -F traditional -A ::1
+ frr       1057  0.0  0.0  11540  4884 ?        Ss   14:42   0:00 /usr/lib/frr/isisd -d -F traditional -A 127.0.0.1
+ frr       1060  0.0  0.0   9388  3532 ?        Ss   14:42   0:00 /usr/lib/frr/babeld -d -F traditional -A 127.0.0.1
+ frr       1063  0.0  0.0  11540  5088 ?        Ss   14:42   0:00 /usr/lib/frr/pimd -d -F traditional -A 127.0.0.1
+ frr       1071  0.0  0.0   9692  5380 ?        S    14:42   0:00 /usr/lib/frr/ldpd -L -u frr -g frr
+ frr       1072  0.0  0.0   9520  5376 ?        S    14:42   0:00 /usr/lib/frr/ldpd -E -u frr -g frr
+ frr       1074  0.0  0.0  10288  3652 ?        Ss   14:42   0:00 /usr/lib/frr/ldpd -d -F traditional -A 127.0.0.1
+ frr       1078  0.0  0.0   9968  3652 ?        Ss   14:42   0:00 /usr/lib/frr/nhrpd -d -F traditional -A 127.0.0.1
+ frr       1082  0.0  0.0   9812  4000 ?        Ss   14:42   0:00 /usr/lib/frr/eigrpd -d -F traditional -A 127.0.0.1
+ frr       1085  0.0  0.0   9232  3376 ?        Ss   14:42   0:00 /usr/lib/frr/pbrd -d -F traditional -A 127.0.0.1
+ frr       1088  0.0  0.0   9204  3136 ?        Ss   14:42   0:00 /usr/lib/frr/staticd -d -F traditional -A 127.0.0.1
+ frr       1091  0.0  0.0   9496  3596 ?        Ss   14:42   0:00 /usr/lib/frr/bfdd -d -F traditional -A 127.0.0.1
+ frr       1094  0.0  0.0  10460  4052 ?        Ss   14:42   0:00 /usr/lib/frr/fabricd -d -F traditional -A 127.0.0.1
+ frr       1097  0.0  0.0   9256  3472 ?        Ss   14:42   0:00
[Bug 1951834] Re: [MIR]: frr
** Tags added: server-todo
[Bug 1951834] Re: [MIR]: frr
** Changed in: frr (Ubuntu)
    Milestone: None => ubuntu-22.01
[Bug 1951834] Re: [MIR]: frr
** Changed in: frr (Ubuntu)
       Status: Triaged => In Progress