Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing
certain forms of UPDATE message allowing to crash or potentially execute
arbitrary code
Resolves: rhbz#1546008
Fixed CVE-2018-5380 - bgpd can overrun internal BGP code-to-string
conversion tables potentially allowing crash
Resolves: rhbz#1546006
Fixed CVE-2018-5381 - Infinite loop issue triggered by invalid OPEN message
allows denial-of-service
Resolves: rhbz#1546004
Fixed CVE-2018-5378 - bgpd does not properly bounds check the data sent with
a NOTIFY allowing leak of sensitive data or crash
Resolves: rhbz#1546009
resolves#1462426 - Installing with dnf produces error /var/tmp/rpm-tmp.jMe0EE: line 44 [: too many arguments
resolves#1509292 - CVE-2017-16227 quagga: Incorrect AS_PATH size calculation for long paths
This rebases fixes following security issues:
- CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length (#1316572)
- CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon (#1331373)
- CVE-2016-1245 quagga: Buffer Overflow in IPv6 RA handling (#1386110)
Also babeld was dropped by upstream.
Resolves: #1316324, #1316572, #1331373, #1386110, #1387654
This package links against librpm:
linker flags : -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -rdynamic -lcrypt -Wl,-z,relro -Wl,-z,now -L/usr/lib64 -lnetsnmpmibs -lsensors -ldl -lrpm -lrpmio -lnetsnmpagent -lwrap -Wl,--enable-new-dtags -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -lnetsnmp -lssl -lssl -lcrypto -lm -lrt -lcap -ltermcap -lreadline -lm
and so requires rebuilding because there has been a librpm
SONAME bump in Rawhide.
Because of recent changes when creating AF_NETLINK socket, kernel will
cache capabilities of the caller and if file descriptor is used or
otherwise handed to another process it will check that current user has
necessary capabilities to use the socket. Hence we need to ensure we
have necessary capabilities when creating the socket and at the time we
use the socket.
See: http://www.spinics.net/lists/netdev/msg280198.htmlResolves: #1097684
quagga daemons don't remove pidfiles before exit. Previously it was done by
init script, now pidfiles stay around after daemon is stopped. If they are
referenced in service files systemd will remove them automatically after service
is stopped.
Also fix typo, there is no BindTo dependency, change to BindsTo.
rpm-checksec revealed that ospfd is not compiled as PIE. We enable
hardened build in specfile, this should not break anything and it should
take care of enabling security related compiler options.
We install tmpfiles configuration fragment and %{_tmpfilesdir} macro is
provided by systemd. Let's please this save and add systemd explicitly
as build requirement.
Previously with configuration WantedBy=network.target it could happen
that after enabling let's say zebra and bgpd and restarting the server
services won't be started. In case when no service pulls in
network.target quagga daemons won't start, because they are enabled
under network.target. This might be the case when only zebra is used
for configuring interfaces and other services like NM and initscripts
are disabled.
This commit also removes ordering dependency on syslog.target, since
this is redundant these days, because systemd-journald is early boot
service.