frr-devel-8.5.6-150500.4.30.1<>,xgDDp9|.]%AE6 |Ox2S -[XǬ5ѕʠuА"h;oĀΞR'W[jc İxREznMqxI*V: iӦ0?؃;:"(K]PIK)0wY?LR^: ,)ru?Qb"DiS(2bL4byƱW-Z%d6FH)jBk>;t?dd   L5 Kk  L  + ,/P2C565X77 8 8 (989*99*:GPL-2.0-or-later AND LGPL-2.1-or-laterhttps://www.suse.com/Development/Libraries/C and C++https://www.frrouting.orglinuxx86_64J#4) $_g4@2_  }M ! f#OUC)*m%8v$*  UZ 3}+ %Q O! s "-uL5 +l]|7-QCAn1 ^ M- @ q.  {] &xH@%& |'} 5{ #0C- Gxa##)(? iA큤A큤A큤A큤A큤gDDfL3fL3fL3fL3fL3gDDfL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3gDDfL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3gDDfL3gDDfL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3gDDtfL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3gDDtfL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3fL3gDDgDDgDDgDDgDDgDDgDDgDDc848bb4c5b0e9a0b5c58567c6a854b8c6ff228abfbc15c0078fbcdc0e7bb62509f0a914b91ff407414dd17949089466d8fbae3d3c9a22857bcfe13e144d8c36ddad740e3a8173858fab26a8fd675ff714769b01c12996145e3a80d2aaaa7b7886cbdc34a530795eee4953e9bfb8abdb4f07b152ab99979f24534ff46edcf589200c8ed7146d80cf2bad9ce0f42a8b89c64a6d264340bbecf314a702d1c6dbdb9ae776f96bf453b6580120c8aa4a6b5f012e22e2dda5b848356eecfc4dfa40b4d854959b803f10e1983580565e542bbadb5117eb14e918948d44a40c9c698e186a459373df22806f56d43236eaf3ed7f12d9b17b899f801482a8df8062f80317d44e03cb13875f38ed2475cf5776f7dc700e7259b3ba9dc07ddc0a36c1c594e5525b478e4cd82ac76c33b32db3655938c8ef9b02b12733c250b32a590e3aaaa28ca56a0c40884a24688bd23bc2399b77e6b8d5508e41dd303c6675057747904b7eb34f62643a9d95ea43d6008b680defd912cb361f6f97c1db3d8f9245e4e71baf1ffa8b32be495b4ab483c3550a1caecde73ea5aad8955e3857d80e850b87471793e04f42d3655aca2f7a2c2a7eb93dc7e1a6a638bd252c99adc6b6b9fb1431134b3307eba542164932283ef8d9f703e7e4a968acaace1a0955d75dfa1168094364e02c114772ef43795cf627baf39b92858c76f9995da58eb566310bc9fb64def38f1bd15dfb2861fea92b15216136a52d2faaf17d46cbc0fede33e172d9006c8bc7b7aa372b78dc6ca2f3ef36a97e4760164c50161f7ca8e661a6ba4f5dffe843edb796d5604661ff60a9f6220e5ccd5815d66d83db2eddc9ecf336acd5c46c97a2bf260d434f66f976e1e63701d3a70d44d072726c7e0afb629ab2214b25746c09d83e003e34b130a64e67c6c574c25b482de2d3871292a859904cda0112e0f140e94ac452a91f1dc2646bfa2f68e8ec709b57258586df31a25e29fc2cc5fdff9b3516d2f0e0d4e137437fbca293fc025bbd40778afd0f4fbb3ac402b349670dc6d215d8be9159cd0b5715ca6dbda914594e6a977339c887f776b81a18970f8ef8a5c8d69d7bb8a72bdf4965fdd3eced9aef14d30a3d5c4375bb5fa6441f45826dac68bc7ae6e1f0189d3381f2b511a4c9098e1c2c3b09e78ba5577da65214dd4e419592179964afe78f4b5f3b515b555e7c9ad0f7292551ac3b4fdd7dc51e80cded0bb614045e89b6b7596f68dc7eb7757cd71300a97ce618a92ff04ae1188335df2036b65910c540b26185cb474f8f968dd52668120e979646514f15ccf6cfe0c7ef69af23292e2c95e24add2bda99f7522dfa0716cb5fb704d0ae63714b27cd0ab838facd4b47655416a35ce105ecae35b142ad06a86cc91bef1839baf9412cc6b4a2876c6de1f33c3d353cdba63068f798c68f0ed20264742931226a8b1b3482512704b64a152b8f87b4a1eea26c35ae1051c337f254a0d26db7e7a0d2e934cfc8d027e688d297c5205133e73c414c41a222809c4ecaa3cdcb21c632e03f8a75eea5319e6fc37bd4da9d44af3f582cfa11bcf8da03268acaf131de23496029e33d28ed2de8d942a47ba895f34c5aebd7838889d1544fb834ffadc5e820de3e011a1dde5709d356b3e4b268786f76ef31be1d522fd662c57d8a1577a04208b29931ff32e209aed6825b08ed615eaf14d7d30ef6064548e3e7e2d5605698d2691f1cfc7c38d6e31b2efe124e166f479f64bcecdceb6c63812ddc8c8e2707347324517940a6a98623e2046b6b29eff5f713ceb3696bd2062946f1569524aeb94e79185394d0d12f0e2b79bc69dc6e6419fc4bd0ef0c343513e61af323b565cc1cc69cf49f1aedf991c4b8cd246428db7b7e2992669ee08f348ab1903fadcf63dc1efe340b7bebfa3ac656fb64a694b127d4de98c72bc917dd7848267e98d73beccb3a25afbf321e198dc060ee0390cd87095d3e7e76bddd0794a72e23237ba7c148003b71d9ae4fc24fa53b364e3e6070c88a81cfcde3aa792597534b2852c28220a29810ad2131d0fa560349e2c7e2a4faf1f6a0b60cf2a6df84dea0125e523bc7cb5531ccedd54072c5e00c70e1f75b0cc6625879b44073d730d69882357f8cebff26a5e2eee0faa8dc19fc5199db19fff5988fca2e5ebdb05c0e2d707fedac81f489da251b6e76e6082249d4f873fcdd205f7873ce2297d4338fee6adec65581fa96bb5ab56736a97c510b5be6432abcbeee77174467565ad2cf0111d3958325667a82ddd1bccbb8659dfbdbe39429606f98ce5d7a3d4e91600a63dc6b60b1297f775d5164e08fa867d86fafc395d8ecdf8d4da6ae2d79c032b1779e785cf831c9bbe911bb5d7cf3b41d197295226a5356195eb60545e09f049ed2f87c919b82c1d8602074b1610b17c64dcb1e42297291c78302841d89e68952cf2245c2ba0bb0249dd41d091a7175df3e2b14cee529a1c309593d28d258b68f3682071ad2f26016044a3b08dfd8b01d777ca5f738a1474362baa4c0cea0f5bbedb627f1bd1704a818ef5e78105f6b392efa2da33b617c38053e123009e0c58bf238b5c17c692ad3a20bb17a7bc3c0a68357ca1068c7456b7045994f9c02d68824357d5d676ae410dea58545d642a86be93271112bf93ea178648557be7909e12cc8eb28c04fd2824d7dc0c65e980a71d37d97355500ae1adab247599ccb77b2bca70d4fc0c380cc4fbb3293d2d08284b65a8ca981d8658949028b155e7d56da3ecc1016ef50e7a062b7aa96a174f79beaffca5006a0d10fdcddab5a4bc4b1837231cb22fe6428fb5c0e7a8fef16b7eed367feb525b8554d0df113f5bb66bdc868536314014239704e2e67cdcbaa6b75c346fd61d77fdfeb6537395896e91ad490584cb628c83317f9392e86313d7e9babe1dacd568a1065157c2cc704c96f17ed7267eb1e5bfa7d5ac74bafddaf59f165de12a9bf057e0e1f0d4a9740bcd40f2e80b83fbec55ed9912d0db7171af4f973e50e1845aebe9a15e158bae1b4bbe2cadaebbc9c134c9bb82702ba65bac94612a95b176c9714424bcb209df8e1bfbaf640d08b2cebb1f6dc48caeae0d83f7f1bb3d10a07f81bbb00062da077f5e1e4e372dfb5bf7a342f81531f7397615f7c402a134ed23f01afaccfc6b0b597ccc273d736a4a7aac62f554ab6d5cbd93557cdb87edb20ee092089707e588412c13963346fb5b4d394eb11ca1f3afe14263ae84854e305501d94302d7776b3889e5d29ca5ff5464f11952c1e576e1f7a8c1afba9c1091235cd15aa3a0db1f6fecd9cc813e64160510cd207e717915e531605d5fd8efcce06eda9ab658ae1daa915e55290983cbeec1eff6b817385fb3aa14a1ee01cee25dfe0a4b75a73977b10607bbaa7d2ec7ce6a6dc1382188663aa0a26e924db53ee41df1f79cb1a8749239c81bf14318bd7b4645c791007bfc799a7d55543ebf41a6c0fad6293c1db7833680e8474e94edb86bd299bfdc30cc384d1e9a14c5eb0b17ebf784190f187c89ae444bb25d5e7c3319d4bb471ba56757b61a1ec9b191a321420de167ebb8661427ef4d1228b132c9c91c0cd037aac140fe2a73cae346866f30e2af3fde3a782ef3b7a0f4878479722f06e44f07985c5850882a1f37520aa143affad3930a4d92884abca8201d191c7fef999e6f8948d45bc9452b0135dfa8d2c70bda1ed53ef003e9ce2f242a5e46a90a7ba15d0b3ed042c8e0394539f5ef24012f48c2e4f586ab62f270f14cd1290d5368662b690d6821ee0677a830948c4d467a760da469358e63e57438f6beaa5e17ce086999034e7056c832e55521a9f4b7c8d3dd99c370c42f66781a2c93a6a6abcc3a83b7de56f8fccefa8f2ea70a19d426854ebf539ae0c7dabd3c101021dd90602ac7130789b4e5d56a63bf68f11c54d6543c99f94f783de2f84fb9dcacc3f10c0b047fae94171f117bf44470749b3308c930216cef78c197b352fda548ef8f72ecbff31f7bec9a825e5dff9f9d1d98263a638d97a055cc16a88f3a83fa984356dc0c5500e6e1b9e1b705455cbd241b596689dc1f998c6513b1994b26fe6db5034b9cf750f06094b0797716406bf02b898e807e3815cfc1e3e8e7a885284081a0f3b8ca61f8bd4cb8b4657d5233e2fa6a75aa581206a0ad288df15b61fa7852a8433240f28750c22d187067eb36c7c83de65bef2c49073952e13cfcba78e89662c17966a337732b46e5876f1ae17155bd8fcc29ec184b0db6d186ce05a0f3f1cbdc49f628e79354b08ad98df6bdb6cb2b6d6feb517180f12a7034d4605b4266a9b7c6506eb6b934ee9ce94930de822505825b950612e1bdc90c986584e55d004faae40046870bfb28a927dd5711d0290d7ba78c2f7a3339d05b43de2e63638072466d896a0fac908c9254680640cb5c1ef612810ba60c6b685c2668a27bd9cd3d1146dd978dfa2e39cca09f8448645884a335f0b533a2155807d640274fd781a69b37b311783c6927bfeead5856804c3a96f0e6cb881f119e75118d2b4e1ceb9ca26c64ea508395f0b18d0e8c5e6e7f63c7522649da629f3049d8960c45e01c2d7125203a97ec993f932b67b971b0d4f188604364e4f3c97b65f3c48c27587fd6dc18c4e2f266a296fe502735e931b5993226e1cd0fafdc8c734382a69b9b4d874887a8506bf52587c6a032525e963adf6d232d12e4a5fdf26d5123cc98b2196d045516e8d0018b3950c511b4850ea129ce4b4795256bd8edcd53934e2e510ca443a8ee22cab15cfab986cee3a6c0e57698a1ed1b7840e744c93cd56af0c78a83328092803d2ce2f151a7e9766df1588f5b5b71ece5a2c306ae1914e013b1af70fb515805bdd40967d2dfe5bbefebb8d53c65e60d16940df1aa7c0b08064e99bd85d8203e57e28b5aa4592c26472d84f4ecedb4c51df248a2653a05210b8db0440d05eaa08f10cfa27fd1b420ddd11ecb7dab74a15c3f8ff7f17139c6623cca5c55d29252a19d33c4594dda87e7b3f55aa979b14a47b4a15e41a46975675f6946fb95038028320c0e9e76c8cf65d3ba88ac37e0933435e24bc2ce8c01cc1ba9aff55a6d455f3edafd887858612aae5349c3adf5e07630d2009cf98c24cd632dd7e692544e181e1c00aa894320ecaecd7f4f9b5cd6bf07c96ee2152ebebfbb611c24d4c1ae625ea94de43b81edf9f55b58782491e7b225d105e70c5745a0cef526f11b6b822102bcaa2070648a070c5845b8e6368d3622d1c854f27d9289fa273e84e1f1f27b5443ed84df59dbdfd5a2dada8d3ef31e26c4aeed2f65688a45a01ce9d35371e14318579afdbf214d825e2777f23c57ac4bc88ba88a9bb74edcc4f56894967c3cca96ab0b80118adcf3ff3699a0991e7cc0db4430f13f58c49f7618eff5395eab6699b5c6cdd7b43caf8d86c15c721e797dcad5215969d53be3422dab96b064e770386b12d541a5560f70b3d34e0e4be62f0f3e5dd2195d548b21b45af360f9e6291c5e8d3dffd567ca0ac1dda91a6b20c2ac8c49c5a54ccc7599c44efbdd0510308f8a70fdf8f04df8506755630c86b2b7216946b0f80ea5dea5e10ab95fd64c2307c4e57b0c14daef75e259ee842b135fb4f143f04b47f371b4ebc0c49c8ed9f990f77883a07705c662da4eabac6b27c114eba0aaf20d4a8b804f6da3366d2813e638d41bd48a8a3260d956b398cc8a2fb2c5bf233b43e20ac1735251b9b6f3cb043decbba20f21ae2e125d3e42b3de0ac7428d7ef516e557a94946bfb5a3e5bda29d737971a6aec16bdebac33805285d8f76398be00387781ec072743c608215859b51de244ea0e98505342999e0d2887e8bb0360aba0aad2bb2cca38cc0aff9af6e82122a32d0d7894d44ed5296ce1645a46a2d381d7a141660d1a5837e5f48dbbefe1dcccbbc73005b91daa030b11d8e4c367fe0f43039338bd927a6dfe728564564e47fc99227bb8fd3b169a22a79469990e6472c9c17f3fec580a56e0be7efaaf2dea08ea052557322ea47e26b917626242a826ab637f16b040469e41ffbc8dd3d2483c40ec1364947a7ae13b5cf4e14518d32aafb044cea9fbd0b014b84a60b5444fa0a6495f974f5ff268c00f458e6bbb759c03e0f21b9afa87a82e69b890518d3c546b139063565e97110baf3ed8c0f415e7f51b387f21a06b6b8e11bdd6623647ff01ccef5ec91c6824b4329e5f94722dd22ac9a5bd463d14a67ba99095e2df758c5fdfb72894986ec949188a61e1588libfrr.so.0.0.0libfrr_pb.so.0.0.0libfrrcares.so.0.0.0libfrrfpm_pb.so.0.0.0libfrrospfapiclient.so.0.0.0libfrrsnmp.so.0.0.0libfrrzmq.so.0.0.0libmlag_pb.so.0.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootfrr-8.5.6-150500.4.30.1.src.rpmfrr-develfrr-devel(x86-64)    libfrr0libfrr_pb0libfrrcares0libfrrfpm_pb0libfrrospfapiclient0libfrrsnmp0libfrrzmq0libmlag_pb0rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)8.5.68.5.68.5.68.5.68.5.68.5.68.5.68.5.63.0.4-14.6.0-14.0-15.2-14.14.3gf(@f_f(@f@e@em@e?eRd/@dbd*cn9@cb3"b@aaaim@aa@aC1``@_I@___w@^z^Ӝ@^^k@^G@^"@^!^^^ @]@]@]]@\U@mt@suse.commt@suse.commt@suse.commt@suse.comcfamullaconrad@suse.comdimstar@opensuse.orgmt@suse.commt@suse.commt@suse.commt@suse.commt@suse.commt@suse.commt@suse.commt@suse.comdimstar@opensuse.orgmt@suse.comjsegitz@suse.comlinnaea@lavia.moejsegitz@suse.comlinnaea@lavia.moejsegitz@suse.commt@suse.commardnh@gmx.deolaf@aepfle.dertorreromarijnissen@suse.commardnh@gmx.demt@suse.commardnh@gmx.deerico.mendonca@suse.commardnh@gmx.demrueckert@suse.demardnh@gmx.demardnh@gmx.demardnh@gmx.demardnh@gmx.deidonmez@suse.commardnh@gmx.deerico.mendonca@suse.comerico.mendonca@suse.comerico.mendonca@suse.commardnh@gmx.demardnh@gmx.de- Update to frr 8.5.6 (jsc#PED-11092) including fixes for CVE-2024-44070,CVE-2024-34088,CVE-2024-31951,CVE-2024-31950, CVE-2024-31948,CVE-2024-27913,CVE-2023-47235,CVE-2023-47234, CVE-2023-46753,CVE-2023-46752,CVE-2023-41909,CVE-2023-41360, CVE-2023-41358,CVE-2023-38802,CVE-2023-38407,CVE-2023-38406, CVE-2023-3748,CVE-2023-31490,CVE-2023-31489 and other bugfixes. See https://frrouting.org/release/8.5.6/ for details. The most recent frr 8.x series provides several new features, improvements and bug fixes for various protocols and daemons, especially for PIM/PIMv6/BGP and VRF support. See https://frrouting.org/release/8.5/ for details and links. - Removed patch included in the sources: - 0004-tools-remove-backslash-from-declare-check-regex.patch - 0005-root-ok-in-account-frr.pam.patch - 0006-bgpd-Check-7-bytes-for-Long-lived-Graceful-Restart-c.patch - 0007-bgpd-Ensure-stream-received-has-enough-data.patch - 0008-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch - 0009-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch - 0010-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch - 0011-babeld-fix-11808-to-avoid-infinite-loops.patch - 0012-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch - 0013-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch - 0014-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch - 0015-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch - 0016-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch - 0017-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch - 0018-bgpd-Flowspec-overflow-issue.patch - 0019-bgpd-fix-error-handling-when-receiving-BGP-Prefix-SID-attribute.patch - 0020-ospfd-Solved-crash-in-OSPF-TE-parsing.patch - 0021-ospfd-Solved-crash-in-RI-parsing-with-OSPF-TE.patch - 0022-ospfd-Correct-Opaque-LSA-Extended-parser.patch - 0023-ospfd-protect-call-to-get_edge-in-ospf_te.c.patch - 0024-bgpd-Check-the-actual-remaining-stream-length-before.patch - Add RPM_OPT_FLAGS to CFLAGS- Apply upstream fix for crash in bgp_attr_encap that were missing a check of the actual remaining stream length before taking the TLV value (CVE-2024-44070,bsc#1229438,gh#FRRouting/frr#16506): - 0024-bgpd-Check-the-actual-remaining-stream-length-before.patch- Apply upstream fix solving ospfd denial of service via get_edge() function returning a NULL pointer (CVE-2024-34088,bsc#1223786, gh#FRRouting/frr#16088). [+ 0023-ospfd-protect-call-to-get_edge-in-ospf_te.c.patch] - Apply upstream fix solving ospfd buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (CVE-2024-31951, bsc#1222528,gh#FRRouting/frr#16088). [+ 0022-ospfd-Correct-Opaque-LSA-Extended-parser.patch] - Apply upstream fix solving ospfd buffer overflow and daemon crash in RI parsing with OSPF TE (CVE-2024-31950,bsc#1222526, gh#FRRouting/frr#16088). [+ 0021-ospfd-Solved-crash-in-RI-parsing-with-OSPF-TE.patch]- Apply upstream fix solving crash in OSPF TE parsing (bsc#1220548, CVE-2024-27913, gh#FRRouting/frr#15431) [+ 0020-ospfd-Solved-crash-in-OSPF-TE-parsing.patch]- Apply upstream fix on error handling when receiving BGP Prefix SID attribute (bsc#1222518,CVE-2024-31948,gh#FRRouting/frr#15628) [+ 0019-bgpd-fix-error-handling-when-receiving-BGP-Prefix-SID-attribute.patch]- Fix build with RPM 4.19: a stray %-escape sequence was found in the files section.- Apply upstream fix for a crash on malformed BGP UPDATE message with an EOR, because the presence of EOR does not lead to a treat-as-withdraw outcome (CVE-2023-47235,bsc#1216896,https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b) [+ 0015-bgpd-Treat-EOR-as-withdrawn-to-avoid-unwanted-handli.patch] - Apply upstream fix for a crash on crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (CVE-2023-47234, bsc#1216897,https://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf) [+ 0016-bgpd-Ignore-handling-NLRIs-if-we-received-MP_UNREACH.patch] - Apply upstream fix for attempts to read beyond the end of the stream during labeled unicast parsing (CVE-2023-38407,bsc#1216899,https://github.com/FRRouting/frr/pull/12956/commits/ab362eae68edec12c175d9bc488bcc3f8b73d36f) [+ 0017-bgpd-Fix-use-beyond-end-of-stream-of-labeled-unicast.patch] - Apply upstream fix for an nlri length of zero mishandling, aka "flowspec overflow" (CVE-2023-38406,bsc#1216900,https://github.com/FRRouting/frr/pull/12884/commits/0b999c886e241c52bd1f7ef0066700e4b618ebb3) [+ 0018-bgpd-Flowspec-overflow-issue.patch]- Apply upstream fix for a crash due to a crafted BGP UPDATE message (CVE-2023-46753,bsc#1216626,https://github.com/FRRouting/frr/pull/14655/commits/21418d64af11553c402f932b0311c812d98ac3e4). [+ 0013-bgpd-Check-mandatory-attributes-more-carefully-for-U.patch] - Apply upstream fix for a crash due to mishandled malformed MP_REACH_NLRI data (CVE-2023-46752,bsc#1216627,https://github.com/FRRouting/frr/pull/14645/commits/b08afc81c60607a4f736f418f2e3eb06087f1a35). [+ 0014-bgpd-Handle-MP_REACH_NLRI-malformed-packets-with-ses.patch]- Apply upstream fix for NULL pointer dereference due to processing of malformed requests with no attributes in bgp_nlri_parse_flowspec (CVE-2023-41909,bsc#1215065,https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8). [+ 0012-bgpd-Limit-flowspec-to-no-attribute-means-a-implicit.patch]- Removed protobuf-c BuildRequires (source package name) breaking build-system setup with libprotobuf-c-devel 1.3.2 updates. - Apply upstream fix for bgpd: Don't read initial byte of the ORF header in an ahead-of-stream situation (CVE-2023-41360, bsc#1214739,https://github.com/FRRouting/frr/pull/14245) [+ 0008-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch] - Apply upstream fix for bgpd: Do not process NLRIs if the attribute length is zero (CVE-2023-41358,bsc#1214735, https://github.com/FRRouting/frr/pull/14260) [+ 0009-bgpd-Do-not-process-NLRIs-if-the-attribute-length-is.patch] - Apply upstream fix bgpd: Use treat-as-withdraw for tunnel encapsulation attribute instead of session reset (CVE-2023-38802,bsc#1213284, https://github.com/FRRouting/frr/pull/14290) [+ 0010-bgpd-Use-treat-as-withdraw-for-tunnel-encapsulation-.patch] - Apply upstream fix babeld: avoid infinite loops (CVE-2023-3748,bsc#1213434, gh#FRRouting/frr#11808,https://github.com/FRRouting/frr/pull/12952) [+ 0011-babeld-fix-11808-to-avoid-infinite-loops.patch]- Apply upstream fix for denial of service via the bgp_capability_llgr() function (bsc#1211248,CVE-2023-31489,gh#FRRouting/frr#13098). [+ 0006-bgpd-Check-7-bytes-for-Long-lived-Graceful-Restart-c.patch] - Apply upstream fix for denial of service via the bgp_attr_psid_sub() function (bsc#1211249,CVE-2023-31490,gh#FRRouting/frr#13099). [+ 0007-bgpd-Ensure-stream-received-has-enough-data.patch]- Enable pim6d providing PIMv6 support (bsc#1206234)- Migration to /usr/etc: Conditionally moved /etc/logrotate.d/frr file to vendor specific directory /usr/etc/logrotate.d and added saving of user changed configuration files in /etc and restoring them while an RPM update. - Declare root as sufficient also in the pam account verification; without vtysh use causes to log a pam frr:account warnings (https://github.com/FRRouting/frr/pull/12308) [+ 0005-root-ok-in-account-frr.pam.patch] - Applied fix removing a not needed backslash causing to log a warning (https://github.com/FRRouting/frr/pull/12307) [+ 0004-tools-remove-backslash-from-declare-check-regex.patch] - Applied upstream fixes for frrinit.sh to avoid a privilege escalation from frr to root in frr config creation (bsc#1204124,CVE-2022-42917, https://github.com/FRRouting/frr/pull/12157). [+ 0003-tools-Run-as-FRR_USER-install-chown-commands-to-avoi.patch] - Removed obsolete patches provided in the 8.4 source archive: [- 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch, - 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch, - 0005-isisd-fix-router-capability-TLV-parsing-issues.patch, - 0006-isisd-fix-10505-using-base64-encoding.patch, - 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch, - 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch] - Update to version 8.4, see https://frrouting.org/release/8.4/ * New BGP command (neighbor PEER soo) to configure SoO to prevent routing loops and suboptimal routing on dual-homed sites. * Command debug bgp allow-martian replaced to bgp allow-martian-nexthop because previously we allowed using martian next-hops when debug is turned on. * Implement BGP Prefix Origin Validation State Extended Community rfc8097 * Implement Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages rfc9234 * BMP L3VPN support * PIMv6 support * MLD support * New command to enable using reserved IPv4 ranges as normal addresses for BGP next-hops, interface addresses, etc. * As usual, lots of bugs and memory leaks were fixed \m/ such as a fix for a possible use-after-free due to a race condition related to bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets (CVE-2022-37035,bsc#1202085). - Update to version 8.3, see https://frrouting.org/release/8.3/ * Notification Message support for BGP Graceful Restart * BGP Cease Notification Subcode For BFD * Send Hold Timer for BGP * RFC5424 syslog support * PIM passive command - Update to version 8.2.2, see https://frrouting.org/release/8.2.2/ * BGP Long-lived graceful restart capability * BGP Extended Optional Parameters Length for BGP OPEN Message * BGP Extended BGP Administrative Shutdown Communication * IS-IS Link State Traffic Engineering support * OSPFv3 Support for NSSA Type-7 address ranges * PBR VLAN actions support- Apply upstream fix for out-of-bounds read in the BGP daemon that may lead to information disclosure or denial of service (bsc#1202023,CVE-2022-37032) [+ 0007-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch] - Apply upstream fix for a memory leak in the IS-IS daemon that may lead to server memory exhaustion (bsc#1202022,CVE-2019-25074) [+ 0008-isisd-Ensure-rcap-is-freed-in-error-case.patch]- Make build a bit cheaper: do only BuildRequire the primary python interpreter and its modules (python3-FOO) instead of all available versions as done using %{python_module FOO}- Apply fix for a buffer overflow in isisd due to the use of strdup with a non-zero-terminated binary string (bsc#1196506,CVE-2022-26126) [+ 0006-isisd-fix-10505-using-base64-encoding.patch] - Apply fix for a buffer overflow in isisd due to wrong checks on the input packet length (bsc#1196505,CVE-2022-26125) with workaround for the GIT binary patch to tests/isisd/test_fuzz_isis_tlv_tests.h.gz [+ 0005-isisd-fix-router-capability-TLV-parsing-issues.patch] - Apply fix for a buffer overflow in babeld due to wrong checks on the input packet length in the packet_examin and subtlv parsing (bsc#1196504,bsc#1196507,CVE-2022-26128,CVE-2022-26129) [+ 0004-babeld-fix-10502-10503-by-repairing-the-checks-on-le.patch] - Apply fix for a heap buffer overflow in babeld due to missing check on the input packet length (bsc#1196503,CVE-2022-26127) [+ 0003-babeld-fix-10487-by-adding-a-check-on-packet-length.patch]- Add ReadWritePaths=/etc/frr to harden_frr.service.patch (bsc#1181400).- Update to version 8.1 * Graceful Restart for OSPFv2 and OSPFv3 * OSPFv3 NSSA and NSSA-TSA support * OSPFv3 ASBR Summarisation Support * BGP SRv6 and Prefix-SID Type 5 improvements * BGP EVPN type-5 gateway IP overlay Index * Lua hook support * See: https://frrouting.org/release/8.1/- Drop ProtectClock hardening, can cause issues if other device acceess is needed- Update to version 8.0.1 * refreshed patch: - 0001-disable-zmq-test.patch - harden_frr.service.patch * LDP gained SNMP support * OSPFv3 gained VRF support * EVPN Multihoming is now fully supported * TI-LFA implemented in IS-IS and OSPS * New Segment Routing daemon * See: https://frrouting.org/release/8.0/ and https://github.com/FRRouting/frr/releases/tag/frr-8.0.1- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_frr.service.patch- Use skip, not xfail in 0001-disable-zmq-test.patch to disable zmq test as it is not expected to fail but hangs (bsc#1180217)- Update to version 7.5.1 * Maintenance release See: https://github.com/FRRouting/frr/blob/stable/7.5/changelog-auto.in- Requires libyang 1.0.184- Disable ZeroMQ tests due to sporadic timeouts during package builds (bsc#1180217) [+ 0001-disable-zmq-test.patch]- Update to version 7.5 * Upstream does not provide a changelog - Make grpc support optional and don't enable it by default- add build condition disabling mininet build require by default, needed by the optional topology tests. - removed one occurrence of vrrpd binary listed twice in file list- Update to version 7.4 * Upstream does not provide a changelog - Drop patch (fixed upstream): * 0001-build-use-configfile-mode-in-init-script.patch- 0001-build-use-configfile-mode-in-init-script.patch: Fix CVE-2020-12831 (boo#1171658).- Update to version 7.3.1 Bugfix/maintenance release * Upstream does not provide a changelog- enable verbose make rules - enable grpc support. new subpackage libfrrgrpc_pb0, new BR: pkgconfig(grpc) - enable config rollbacks. new BR: pkgconfig(sqlite3) - enable realms support - enable shell access - make sure we use system openssl - fix shebang line of the frr-reload.py and generate_support_bundle.py script so we dont pull python2 - do not delete users and groups. - add Requires for libyang-extentions- Update to version 7.3 * Upstream does not provide a changelog this time - Remove patch: * fix_tests.patch (not longer needed)- Update to version 7.2.1: BGPd * Fix Addpath issue * Do not apply eBGP policy for iBGP peers * Show ip and fqdn in json output for show [ip] bgp json * Fix large route-distinguisher's format * Fix no bgp listen range ... configuration command * Autocomplete neighbor for clear bgp * Reflect the distance in RIB when it is changed for an arbitrary afi/safi * Notify "Peer De-configured" after entering 'no neighbor cmd * Fix per afi/safi addpath peer counting * Rework BGP dampening to be per AFI/SAFI * Do not send next-hop as :: in MP_REACH_NLRI if no link-local exists * Override peer's TTL only if peer-group is configured with TTL * Remove error message for unkown afi/safi combination * Keep the session down if maximum-prefix is reached OSPFd * Fix BFD down not tearing down OSPF adjacency for point-to-point net BFDd * Fix multiple VRF handling * VRF security improvement PIMd * Fix rp crash NHRPd * Make sure no ip nhrp map works as expected LDPd * Add missing sanity check in the parsing of label messages Zebra * Use correct state when installing evpn macs * Capture dplane plugin flags lib * Fix interface config when vrf changes * Fix Interface Infinite Loop Walk (for special interfaces such as bond) Others * Rename man pages (to avoid conflicts with other packages) * Various other fixes for code cleanup and memory leaks- Fix license tag- Build with support for pcre, protobuf, rpki and zeromq by default- Cleanup spec file- Fix build-time dependencies - Remove superflous comments- fix_tests.patch: correct syntax for Python 3 imports in tests. - Enabling tests- Update to version frr7.2: * zebra: use correct state when installing evpn macs * lib: set entry to xpath in if_update_to_new_vrf * zebra: capture dplane plugin flags * bgpd: Autocomplete neighbor for clear bgp * ospfd,eigrpd: don't take address of packed struct member * bgpd: Prevent crash in bgp_table_range_lookup * bgpd: Fix memory leak in json output of show commands * tests: Test if `distance bgp (1-255) (1-255) (1-255)` works * bgpd: Reflect the distance in RIB when it is changed for an arbitrary afi/safi * bfdd: fix multiple VRF handling- Updating to version 7.2 - Adding systemd scripts - Fixing build and permission issues- Update to version 7.0.1- Initial package, version 6.0.2h01-ch3d 1732527319  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~8.5.6-150500.4.30.18.5.6-150500.4.30.1frragg_table.hassert.hatomlist.hbase64.hbfd.hbfddbfddp_packet.hbitfield.hbuffer.hchecksum.hcommand.hcommand_graph.hcommand_match.hcompiler.hcspf.hcsv.hdb.hdebug.hdefaults.hdistribute.heigrpdeigrp_dump.heigrp_topology.heigrpd.hferr.hfilter.hfreebsd-queue.hfrr_pthread.hfrr_zmq.hfrratomic.hfrrcu.hfrrlua.hfrrscript.hfrrstr.hgetopt.hgraph.hhash.hhook.hiana_afi.hid_alloc.hif.hif_rmap.himsg.hipaddr.hjhash.hjson.hkeychain.hldp_sync.hlib_errors.hlib_vty.hlibfrr.hlibfrr_trace.hlibospf.hlink_state.hlinklist.hlog.hlog_vty.hmd5.hmemory.hmlag.hmodule.hmonotime.hmpls.hnetwork.hnexthop.hnexthop_group.hnexthop_group_private.hnorthbound.hnorthbound_cli.hnorthbound_db.hns.hopenbsd-queue.hopenbsd-tree.hospfapiospf_apiclient.hospfdospf_api.hospf_asbr.hospf_dump.hospf_dump_api.hospf_ism.hospf_lsa.hospf_lsdb.hospf_nsm.hospf_opaque.hospfd.hpbr.hplist.hprefix.hprintfrr.hprivs.hptm_lib.hpullwr.hpw.hqobj.hqueue.hresolver.hringbuf.hroute_opaque.hroute_types.hroutemap.hrouting_nb.hsbuf.hseqlock.hsha256.hsigevent.hskiplist.hsmux.hsockopt.hsockunion.hspf_backoff.hsrcdest_table.hsrte.hsrv6.hstream.hsystemd.htable.htc.htermtable.hthread.htrace.htyperb.htypesafe.hvector.hversion.hvlan.hvrf.hvrf_int.hvty.hvxlan.hwheel.hworkqueue.hxref.hyang.hyang_translator.hyang_wrappers.hzclient.hzebra.hzlog.hzlog_5424.hzlog_live.hzlog_targets.hlibfrr.solibfrr_pb.solibfrrcares.solibfrrfpm_pb.solibfrrospfapiclient.solibfrrsnmp.solibfrrzmq.solibmlag_pb.so/usr/include//usr/include/frr//usr/include/frr/bfdd//usr/include/frr/eigrpd//usr/include/frr/ospfapi//usr/include/frr/ospfd//usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:36493/SUSE_SLE-15-SP5_Update/effdc8da4f9c495c20d56eb12920a17e-frr.SUSE_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linuxdirectoryC source, ASCII textC source, UTF-8 Unicode textC source, ASCII text, with very long linesߓSH5_-ٲutf-8fed7af4f22cd9ae8a5763d3fec992d803a72d730083aeb50eb4831d52b226d81?P7zXZ !t/J]"k%nuy:?$ h 5(P2Y> !(%k/y4fIV8o>,!YD&0/nyC]6څ"WuٸiJڤiB`AOݕ lmmuw6%$,hOP:o)^|I lQ{HjQr"~ zEwxx(s fLğv_3H*oL!DNC鮋3#(]8>^i"EZX֩ң4r㈀1D_Ϛ_e OgQ4F/VFocJAӥ󇃈^ЀBlC7b&RM@=_p/r~]\S?JiNe(asR7p "8Wk̒k*R#9')7ܸNwZ’vYz`#§>Fr+Gc5Uy s[UQlmQ"dJɶEeQQ̡_OU,LS*M4LeZS1.fn|yg (Ȍ6AkI?l*9`iA炳`ݘ/CV,lLA.g :fHqؚ1c36ZǑE'a8YrFg l~3z\/Z\QvE*[t<:S-B{Ol'x6 U;'z'&Fp%.*N4;-3[gFrU[!\ҭ4] %N~+%%Ms`AҦ̕SR 1W}۹VTGa2sv'+5aZ .tlm <-ܹkK=nmVтtYWhb-7'6XMܺ췝ߩE=Ž+w\.GR[lToav=Ԝľ^j24B:?ߙbRU^Az dh\Vt`qӆDD@\(%~"XZNWwIB)|F~| a _-Fd}gWӨ˕hYvM^݃I?tVloR THk~7m·*; 2/-|hDE%"hu <͑i.!Z34a$ϲLX`/r.JEGUcX퍡`hIpѢ韏عՠ;2)|p L Vɿ〟ktK bT d(FaKGWe9KaԘ(K3'֭ tG=uϫbg3evjA]ʐwa /6 z8/@ n9G!i (E$.a "-(TF,P*[zc!oܦ,މͬ'sv?"=M& RU~٬,'8X?b#P^`/𿬕^_&\ib' LXE6NK8wV]A#F_twRuPo3a9BP[GGJL$ rðnPtÕgz*~x(xj?SeP17(=CtpO:we@A5Ua 5׸m7vE [W]m neɅW.u`BN.o,1tNa:RKsb1 3KMݠKp4sJ-zX"GlgjAaҰ]᝱_ :ZV1[a{cIAvUdK0LXZV9vwy.aEVK9}PKǢQA, ;Okαa*dTG v'dV/%`;EGW O4pI@@k)x|piUL30cX3Z虞xf1$\:ŬDet42^Cxjȝk5E( _EnY 4BtkTr'![w\;稭h] jb$j#&zZ$95ٯAJ"/5xRaT! x:r;e%k_9gN S@#*R\5*mUz)ىۤI8"ӮSaw=AItA}zԓ~lt Y\;C'E8FҔ%ró"Σv_gW%-1&983BdkBz}(+bZ-i4WhYMY)}oU ePA(` aYzr.ԋDOT19XbF"vTSsP\~՛@ehx FyVK:7EPf[X7Zn֒q1yBGTe[F|psD?o';z# je!vM*(, CVXAfI a㪁(Z#aDYt<x&uҝ8[+~* ъP^2:u .Eh<.QaIO/Eہ ?zDXd<іsrJd,Ql`@q QxIYʂI[ȣ;_#(Z T)F&QXَ_Dy-{ Wb_/@p S]ƧƖ?+#~j$RuSȎlF̎`, mj8b+w}BF7~5ldPq! GM[˂d%Qs^<d@&dWbyml)RS8By (KQҼXpV; jlf>u'xrX9̨¶E%Nr^ n=@UϽct{n1QC!ք638+5xísNNO#Fy(ȻG8iɾ!~'4Fy[0gd;0.r^wm?|yO*۸ͺ)A BUcBTI{gfuF"W룯 'iq2*G_ICS V$u;4M;k9JK0{A|.+tGoiB(ˡ1׉]3qTg)'a3Ȼa x7F#W^,K6HZ]<" vM:ۆҏ3r@)&2c k?E:σ=%g>8#^ ՏEt9sl莴g;$/<<+>>-uF3r Nzoz0Cp#M[xg^n9vkIA^ xIa4&Щ#2-8({ݣ?$EiuJex(|"c^5&M0)̅}ݺv:?ιq(N-}4`e!dYFifM-PE\JB7nv}*ܬ O[dyDi;t+R ?R5y]u}Pfr(w(J1.񥔧.!{i:mx]ֲEH*cm.u֕lF4@"){Z$>3gk=Y&8Xg9Bt3`8l./| _-%ѧ9p`OW?tT^xI(0z`~ $!5kgYz<yCkṮx\LLtIJ.\OcD\E UPrُc8),4 d<z(EYuڻbA*}Ȫ6ߕ] V YZ