[quagga-users 6854] ANNOUNCE: 0.98.6 release

Paul Jakma paul at clubi.ie
Mon May 8 21:06:59 IST 2006 

Hi,

Quagga 0.98.6 has been released. There is one additional change from 
fridays "pre-release":

 	[ripngd] bug #242, fix crash in routemap, ipv6 stored in in_addr.

Tarball: http://www.quagga.net/download/quagga-0.98.6.tar.gz
GnuPG signature: http://www.quagga.net/download/quagga-0.98.6.tar.gz.asc
Full Changelog: http://www.quagga.net/download/quagga-0.98.6.changelog.txt

Overview of the changes:

Security:
   ripd:

     - RIPD unauthenticated route table broadcast:
         CVE-2006-2223, OSVDB ID 25224, Secunia SA19910
     - RIPD unauthenticated route injection:
         CVE-2006-2224, OSVDB ID 25225, Secunia SA19910

       [ripd] 0.98 specific command changes, allow no-auth to be set
       [ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates
       [doc] Add text on 0.98 specific RIP authentication changes
       [docs] Update ripd docs on version and authentication, see bugs #261,#262

 	Thanks to Konstantin V. Gavrilenko for report and testing.

   bgpd:
     - bgpd Telnet Interface DoS:
 	    OSVDB ID 25245:
 	     http://www.osvdb.org/displayvuln.php?osvdb_id=25245
 	    [quagga-dev 4051]:
 	     http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html

       [bgpd] Fix infinite loop in community_str2com

Major bug fixes:

       [bug #89] Fix leak of community when set community is used
       [ospfd] Bug #234. Fix nbr_self reinitialisation after down/up.
       [ospfd] ignore loopbacks for received interface validation
       [ospfd] Fix virtual-link handling in nbrs route-table, exposed by bug#234 fix

Minor bug fixes:

       [ripngd] bug #242, fix crash in routemap, ipv6 stored in in_addr.
       [zebra] zebra_rib.c: Fix rib_delete_ipv6() to match routes in the RIB by
       [ospfd] Fix incorrect byte-order conversion of OSPF_MAX_SEQUENCE_NUMBER
       [ospfd] Make database exchange for NSSA database work
       [ospfd] fix rare leak of struct connected, in an error path.

Trivial fixes[1] and enhancements:

       [0.98] Make "show ip ospf neighbor xxx" commands work.
       [lib] 'show route-map' should print call action seperate from exit policy
       [ospfd] Fix failure of Fletcher checksum with certain compilers
       [ospfd] fix undefined effect expression
       [redhat] Update spec file with some changes from Fedora spec file

Many thanks to all those who helped fix bugs by providing either
patches, detailed problem reports and/or help with testing of fixes. 
Please see the Changelog and/or the relevant bug IDs for credits.

1. Trivial in impact relative to other bug-fixes, however this does not
    imply the diagnoses and reporting of these bugs were trivial.

regards,
-- 
Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
Fortune:
The real reason psychology is hard is that psychologists are trying to
do the impossible.

More information about the Quagga-users mailing list