FRRouting Release 6.0.2

This is a maintenance release for a security (Denial of Service) issue
found with the expermimental BGP VNC Attribute (255).
Other experiments using the same attribute may bring down BGP peers
if they are malformed for the VNC parsing. (As required by RFC).
The update disables the parsing of the VNC attribute by default
to avoid this.

Beside this change, this release is similar to 6.0.1

Major Changes since 6.0 (already in 6.0.1)
 - New Debian Package structure without backports
 - Fix Memory Leak on FreeBSD
 - Fix BGP unnumbered peer setup
 - Various fixes for label manager
 - Various other fixes

Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>

diff --git a/configure.ac b/configure.ac
index 6faa3b6c454b5132d01a7ce732dd3e37b71b667c..72747550dd86578fb627da9418353bcb0f4c7d80 100755 (executable)
--- a/configure.ac
+++ b/configure.ac
@@ -7,7 +7,7 @@
 ##
 AC_PREREQ(2.60)
 
-AC_INIT(frr, 6.0.1, [https://github.com/frrouting/frr/issues])
+AC_INIT(frr, 6.0.2, [https://github.com/frrouting/frr/issues])
 PACKAGE_URL="https://frrouting.org/"
 AC_SUBST(PACKAGE_URL)
 PACKAGE_FULLNAME="FRRouting"

diff --git a/redhat/frr.spec.in b/redhat/frr.spec.in
index f533f9f4a96dbccfe6f25db0c2d64fcca7e2670a..4e68365362568ea972549f9afa1a25ee1edf9588 100644 (file)
--- a/redhat/frr.spec.in
+++ b/redhat/frr.spec.in
@@ -663,7 +663,11 @@ fi
 
 
 %changelog
-* Sat Dec 29 2018 Martin Winter <mwinter@opensourcerouting.org> - %{version}
+* Tue Jan  8 2019 Martin Winter <mwinter@opensourcerouting.org> - %{version}
+- Security Issue (Denial of Service): Fix BGP Attribute 255 (experimental VNC)
+  handling
+
+* Sat Dec 29 2018 Martin Winter <mwinter@opensourcerouting.org> - 6.0.1
 - Various fixes for label manager
 - Fix BGP unnumbered peer setup
 - Various other fixes