1frr (@VERSION@-0) UNRELEASED; urgency=medium 2 3 * autoconf changelog entry -- for git autobuilds only. 4 remove and replace when creating releases! 5 (tools/tarsource.sh will handle this) 6 7 -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 4 Mar 2021 00:10:00 +0100 8 9frr (7.5.1-0) RELEASED; urgency=medium 10 BABEL 11 Fix connected route leak on change 12 BFD 13 Session lookup was sometimes wrong 14 Memory leak and handling cleanups 15 In some situations handle vrf appropriately when receiving packets 16 BGP 17 Peer Group Inheritance Fixes 18 Dissallow attempt to peer peers reachable via blackholes 19 Send BMP down message when reachability fails 20 Cleanup handling of aggregator data when the AGG AS is 0 21 Handle `neighbor <peer-group allowas-in` config changes properly 22 Properly parse community and lcommunity values in some circumstances 23 Allow peer-groups to configure `ttl-security hops` 24 Prevent v6 routes with v4 nexthops from being installed 25 Allow `default-originate` to be cleared from a peer group 26 Fix evpn route-map vni filter at origin 27 local routes were using non-default distance 28 Properly track if the nexthop was updated in some circumstances 29 Cleanup `show running` when running bgp with `-e X` values 30 Various Memory leaks in show commands 31 Properly withdraw exported routes when deleting a VRF 32 Avoid resetting ebgp-multihop if peer setting is the same as peer-group 33 Properly encode flowspec rules to zebra in some rare circumstances 34 Generate statistics for routes in bgp when we have exactly 1 route 35 Properly apply route-map for the default-originate command 36 EIGRP 37 Properly set MTU for eigrp packets sent 38 Various memory leaks and using uninited data fixes 39 ISIS 40 When last area address is removed, resign if we were the DR 41 Various memory leaks and using uninited data fixes 42 LDP 43 Various memory leaks and using uninited data fixes 44 NHRP 45 Use onlink routes when prefix == nh 46 Shortcut routes are installed with proper nexthop 47 OSPF 48 Prevent duplicate packet read in multiple vrf situation 49 Fix area removal at interface level 50 Restore Point to MultiPoint interface types 51 Correctly handle MTU change on startup 52 Multi Instance initialization sometimes was not successful 53 NSSA translate-always was not working properly 54 OSPFv3 55 Don't send hellos on loopback interfaces 56 Handle ECMP better when a sub-path is removed 57 Memory leak and handling fixes 58 Fix Link LSA not updating when router priority is modified 59 Some output from show commands was wrong 60 Intra area remote connected prefixes sometimes not installed 61 PBR 62 Various memory leaks and using uninited data fixes 63 PIM 64 SGRpt prune received during prune didn't override holdtime 65 Various memory leaks and using uninited data fixes 66 STATIC 67 Fix VRF and usage on startup in some instances 68 Tableid was being mishandled in some cases 69 VTYSH 70 Disable bracketed paste in readline. 71 WATCHFRR 72 Various memory leaks and using uninited data fixes 73 ZEBRA 74 Always install blackhole routes using kernel routes instead of nexthops 75 Various memory leaks and using uninited data fixes 76 Dissallow resolution to duplicate nexthops that created infinite nexthops 77 Apply the route-map delay-timer globally 78 Some routes were stuck in Queued state when using the FPM 79 Better handle vrf creation when using namespaces 80 Set NUD_NOARP on sticky mac entries in addtion to NTF_STICKY 81 Allow `set src X` to work on startup 82 FRR Library 83 Fix a variety of memory leaks 84 Fix VRF Creation in some instances 85 RPKI context editing was not properly handled in reload situations 86 routemap code was not properly handling modification of CLI in some instances 87 SNAPCRAFT 88 Update to using rtrlib 0.7.0 89 Fix passthrough path for Libyang 1.x 90 ALPINE 91 Remove old docker deps 92 93 -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 3 Mar 2021 23:56:00 +0100 94 95frr (7.5-0) RELEASED; urgency=medium 96 BFD 97 Profile support 98 Minimum ttl support 99 BGP 100 rpki VRF support 101 GR fixes 102 Add wide option to display of routes 103 Add `maximum-prefix <num> force` 104 Add `bestpath-routes` to neighbor command 105 Add `bgp shutdown message MSG...` command 106 Add v6 Flowspec support 107 Add `neighbor <neigh> shutdown rtt` command 108 Allow update-delay to be applied globaly 109 EVPN 110 Beginning of MultiHoming Support 111 ISIS 112 Segment Routing Support 113 VRF Support 114 Guard against adj timer display overflow 115 Add support for Anycast-SIDs 116 Add support for Topology Independent LFA (TI-LFA) 117 Add `lsp-gen-interval 2` to isis configuration 118 OSPF 119 Segment Routing support for ECMP 120 Various LSA fixes 121 Prevent crash if transferring config amongst instances 122 PBR 123 Adding json support to commands 124 DSCP/ECN based PBR Matching 125 PIM 126 Add more json support to commands 127 Fix missing mesh-group commands 128 MSDP SA forwarding 129 Clear (s,g,rpt) ifchannel on (*, G) prune received 130 Fix igmp querier election and IP address mapping 131 Crash fix when RP is removed 132 STATIC 133 Northbound Support 134 YANG 135 Filter and route-map Support 136 OSPF model definition 137 BGP model definition 138 VTYSH 139 Speed up output across daemons 140 Fix build-time errors for some --enable flags 141 Speed up output of configuration across daemons 142 ZEBRA 143 nexthop group support for FPM 144 northbound support for rib model 145 Backup nexthop support 146 netlink batching support 147 Allow upper level protocols to request ARP 148 Add json output for zebra ES, ES-EVI and access vlan dumps 149 150 Upgrade to using libyang1.0.184 151 152 RPM 153 Moved RPKI to subpackage 154 Added SNMP subpackage 155 156 As always there are too many bugfixes to list individually. This release 157 compromises just over 1k of commits by the community, with contributors from 158 70 people. 159 160 -- FRRouting-Dev <dev@lists.frrouting.org> Tue, 2 Nov 2020 08:04:23 +0400 161 162frr (6.0-2) testing; urgency=medium 163 164 * add install-info to build deps 165 * remove trailing whitespace from control 166 * cleanup tcp-zebra configure options 167 * drop unused SMUX client OID MIBs 168 * remove /proc check 169 * remove --enable-poll 170 * remove libtool .la files 171 * drop texlive-latex-base, texlive-generic-recommended build deps 172 * consistently allow python2 or python3 173 * remove bad USE_* options, add WERROR 174 * drop libncurses5 dep 175 * remove backports mechanism 176 * use better dependency for pythontools (binNMU compatible) 177 * remove bogus shlib:Depends on frr-dbg 178 * create frr-snmp and frr-rpki-rtrlib 179 * make frr-pythontools a "Recommends:" 180 * use redistclean target 181 * update to Debian Policy version 4.2.1 182 * raise debhelper compat level to 9 183 * ditch development-only files 184 * modernise dh_missing and use fail mode 185 * disable zeromq and FPM 186 * always install /etc/init.d/frr 187 * put frr-doc package in 'doc' section 188 * install HTML docs, drop tools/ 189 * fix install for {frr,rfptest,ospfclient} 190 * add watch file 191 * change python dependency and shebang to python3:any 192 * use set -e in maintscripts 193 * put myself in as maintainer 194 * update copyright file 195 * closes: #863249 196 197 -- David Lamparter <equinox-debian@diac24.net> Thu, 25 Oct 2018 16:36:50 +0200 198 199frr (6.0-1) RELEASED; urgency=medium 200 201 * New Enabled: PIM draft Unnumbered 202 203 -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700 204 205frr (3.0-1) RELEASED; urgency=medium 206 207 * Added Debian 9 Backport 208 209 -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700 210 211frr (3.0-0) RELEASED; urgency=medium 212 213 * New Enabled: BGP Shutdown Message 214 * New Enabled: BGP Large Community 215 * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN 216 * New Enabled: BGP EVPN RT-5 217 * New Enabled: LDP RFC 5561 218 * New Enabled: LDP RFC 5918 219 * New Enabled: LDP RFC 5919 220 * New Enabled: LDP RFC 6667 221 * New Enabled: LDP RFC 7473 222 * New Enabled: OSPF RFC 4552 223 * New Enabled: ISIS SPF Backoff draft 224 * New Enabled: PIM Unnumbered Interfaces 225 * New Enabled: PIM RFC 4611 226 * New Enabled: PIM Sparse Mode 227 * New Enabled: NHRP RFC 2332 228 * New Enabled: Label Manager 229 * Switched from hardening-wrapper to dpkg-buildflags. 230 231 -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700 232 233frr (2.0-0) RELEASED; urgency=medium 234 235 * Switchover to FRR 236 237 -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400 238 239quagga (0.99.24+cl3u5) RELEASED; urgency=medium 240 241 * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json' 242 * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all' 243 * Closes: CM-5794 - Add support for IPv6 static to null0 244 * Closes: CM-13060 - Reduce JSON memory usage. 245 * Closes: CM-10394 - protect 'could not get instance' error messages with debug 246 * Closes: CM-11173 - Move netlink error messages undeer a debug 247 * Closes: CM-13328 - Fixes route missing in hardware after reboot 248 249 -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400 250 251quagga (0.99.24+cl3u4) RELEASED; urgency=medium 252 253 * Closes: CM-12687 - Buffer overflow in zebra RA code 254 255 -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400 256 257quagga (0.99.24+cl3u3) RELEASED; urgency=medium 258 259 * New Enabled: Merge up-to 0.99.24 code from upstream 260 * New Enabled: Additional CLI simplification 261 * New Enabled: Various Bug Fixes 262 263 -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700 264 265quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium 266 267 * New Enabled: VRF - See Documentation for how to use 268 * New Enabled: Improved interface statistics 269 * New Enabled: Various vtysh improvements 270 * New Enabled: Numerous compile warnings and SA fixes 271 * New Enabled: Improved priviledge handlingA 272 * New Enabled: Various OSPF CLI fixes 273 * New Enabled: Prefix-list Performance Improvements. 274 * New Enabled: Allow more than 1k peers in Quagga 275 and Performance Improvements 276 * New Enabled: Systemd integration 277 * New Enabled: Various ISIS fixes 278 * New Enabled: BGP MRT improvements 279 * New Enabled: Lowered default MRAI timers 280 * New Enabled: Lowered default 'timers connect' 281 * New Enabled: 'bgp log-neighbor-changes' enabled by default 282 * New Enabled: BGP default keepalive to 3s and holdtime to 9s 283 * New Enabled: OSPF spf timers are now '0 50 5000' by default 284 * New Enabled: BGP hostname is displayed by default 285 * New Enabled: BGP 'no-as-set' is the default for 286 'bgp as-path multipath-relax" 287 * New Enabled: RA is on by default if using 5549 on an interface 288 * New Enabled: peer-group restrictions relaxed, update-groups determine 289 outbund policy anyway 290 * New Enabled: BGP enabled 'maximum-paths 64' by default 291 * New Enabled: OSPF "log-adjacency-changes" on by default 292 * New Enabled: Zebra: Add IPv6 protocol filtering support 293 * and setting src of IPv6 routes. 294 * New Enabled: BGP and OSPF JSON commands added. 295 * New Enabled: BGP Enable multiple instances support by default 296 * New Enabled: 'banner motd file' command 297 * New Enabled: Remove bad default passwords from default conf 298 * New Enabled: BGP addpath TX 299 * New Enabled: Simplified configuration for BGP Unnumbered 300 301 * New Deprecated: Remove unused 'show memory XXX' functionality 302 * New Deprecated: Remove babel protocol 303 304 * Closes: CM-10435 Addition on hidden command 305 "bfd multihop/singlehop" and "ptm-enable" per interface command 306 * Closes: CM-9974 Get route counts right for show ip route summary 307 * Closes: CM-9786 BGP memory leak in peer hostname 308 * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit 309 * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip 310 * Closes: CM-9255 BGPD crash around bgp_config_write () 311 * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network 312 entered first 313 * Closes: CM-8934 OSPFv3: Check area before scheduling SPF 314 * Closes: CM-8514 zebra: Crash upon disabling a link 315 * Closes: CM-8295 BGP crash in group_announce_route_walkcb 316 * Closes: CM-8191 BGP: crash in update_subgroup_merge() 317 * Closes: CM-8015 lib: Memory reporting fails over 2GB 318 * Closes: CM-7926 BGP: crash from not NULLing freed pointers 319 320 -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700 321 322quagga (0.99.23.1-1) unstable; urgency=medium 323 324 * New upstream release 325 * Added .png figures for info files to quagga-doc package. 326 * Changed dependency from iproute to iproute2 (thanks to Andreas 327 Henriksson). Closes: #753736 328 * Added texlive-fonts-recommended to build-depends to get ecrm1095 font 329 (thanks to Christoph Biedl). Closes: #651545 330 331 -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200 332 333quagga (0.99.23-1) unstable; urgency=low 334 335 * New upstream release 336 * Removed debian/patches/readline-6.3.diff which was already in upstream. 337 338 -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200 339 340quagga (0.99.22.4-4) unstable; urgency=medium 341 342 * Fix build failure with readline-6.3 (thanks to Matthias Klose). 343 Closes: #741774 344 345 -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100 346 347quagga (0.99.22.4-3) unstable; urgency=low 348 349 * Added status to init script (thanks to Peter J. Holzer). Closes: #730625 350 * Init script now sources /lib/lsb/init-functions. 351 * Switched from hardening-wrapper to dpkg-buildflags. 352 353 -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100 354 355quagga (0.99.22.4-2) unstable; urgency=low 356 357 * Fixed typo in package description (thanks to Davide Prina). 358 Closes: #625860 359 * Added Italian Debconf translation (thanks to Beatrice Torracca) 360 Closes: #729798 361 362 -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100 363 364quagga (0.99.22.4-1) unstable; urgency=high 365 366 * SECURITY: 367 "ospfd: CVE-2013-2236, stack overrun in apiserver 368 369 the OSPF API-server (exporting the LSDB and allowing announcement of 370 Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads 371 to an exploitable stack overflow. 372 373 For this condition to occur, the following two conditions must be true: 374 - Quagga is configured with --enable-opaque-lsa 375 - ospfd is started with the "-a" command line option 376 377 If either of these does not hold, the relevant code is not executed and 378 the issue does not get triggered." 379 Closes: #726724 380 381 * New upstream release 382 - ospfd: protect vs. VU#229804 (malformed Router-LSA) 383 (Quagga is said to be non-vulnerable but still adds some protection) 384 385 -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200 386 387quagga (0.99.22.1-2) unstable; urgency=low 388 389 * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147 390 * Added "status" command to init script (thanks to James Andrewartha). 391 Closes: #690013 392 * Added "libsnmp-dev" to Build-Deps. There not needed for the official 393 builds but for people who compile Quagga themselves to activate the 394 SNMP feature (which for licence reasons cannot be done by Debian). 395 Thanks to Ben Winslow). Closes: #694852 396 * Changed watchquagga_options to an array so that quotes can finally 397 be used as expected. Closes: #681088 398 * Fixed bug that prevented restarting only the watchquagga daemon 399 (thanks to Harald Kappe). Closes: #687124 400 401 -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200 402 403quagga (0.99.22.1-1) unstable; urgency=low 404 405 * New upstream release 406 - ospfd restore nexthop IP for p2p interfaces 407 - ospfd: fix LSA initialization for build without opaque LSA 408 - ripd: correctly redistribute ifindex routes (BZ#664) 409 - bgpd: fix lost passwords of grouped neighbors 410 * Removed 91_ld_as_needed.diff as it was found in the upstream source. 411 412 -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200 413 414quagga (0.99.22-1) unstable; urgency=low 415 416 * New upstream release. 417 - [bgpd] The semantics of default-originate route-map have changed. 418 The route-map is now used to advertise the default route conditionally. 419 The old behaviour which allowed to set attributes on the originated 420 default route is no longer supported. 421 - [bgpd] this version of bgpd implements draft-idr-error-handling. This was 422 added in 0.99.21 and may not be desirable. If you need a version 423 without this behaviour, please use 0.99.20.1. There will be a 424 runtime configuration switch for this in future versions. 425 - [isisd] is in "beta" state. 426 - [ospf6d] is in "alpha/experimental" state 427 - More changes are documented in the upstream changelog! 428 * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart 429 Martens. 430 * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its 431 in the changelog. 432 * debian/patches/99_distribute_list.diff removed as its in the changelog. 433 * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it 434 was just for Debian woody. 435 436 -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100 437 438quagga (0.99.21-4) unstable; urgency=medium 439 440 * Fixed regression bug that caused OSPF "distribute-list" statements to be 441 silently ignored. The patch has already been applied upstream but there 442 has been no new Quagga release since then. 443 Thanks to Hans van Kranenburg for reporting. Closes: #697240 444 445 -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100 446 447quagga (0.99.21-3) unstable; urgency=high 448 449 * SECURITY: 450 CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling. 451 A denial-of-service condition could be caused by an attacker controlling 452 one of the pre-configured BGP peers. In most cases this means, that the 453 attack must be originated from an adjacent network. Closes: #676510 454 455 -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200 456 457quagga (0.99.21-2) unstable; urgency=low 458 459 * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the 460 original mapage of the babeld package which users might want to 461 install in parallel as it is slightly more capable. Closes: #671916 462 463 -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200 464 465quagga (0.99.21-1) unstable; urgency=low 466 467 * New upstream release 468 - [bgpd] BGP multipath support has been merged 469 - [bgpd] SAFI (Multicast topology) support has been extended to propagate 470 the topology to zebra. 471 - [bgpd] AS path limit functionality has been removed 472 - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing 473 protocol has been merged. 474 - [isisd] a major overhaul has been picked up. Please note that isisd is 475 STILL NOT SUITABLE FOR PRODUCTION USE. 476 - a lot of bugs have been fixed 477 * Added watchquagga daemon. 478 * Added DEP-3 conforming patch comments. 479 480 -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200 481 482quagga (0.99.20.1-1) unstable; urgency=high 483 484 * SECURITY: 485 CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet 486 CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data 487 CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message 488 * New upstream release. Closes: #664033 489 490 -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100 491 492quagga (0.99.20-4) unstable; urgency=low 493 494 * Switch to dpkg-source 3.0 (quilt) format. 495 * Switch to changelog-format-1.0. 496 497 -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100 498 499quagga (0.99.20-3) unstable; urgency=low 500 501 * Added --sysconfdir back to the configure options (thanks to Sven-Haegar 502 Koch). Closes: #645649 503 504 -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200 505 506quagga (0.99.20-2) unstable; urgency=low 507 508 * Bumped standards version to 0.9.2. 509 * Migrated to "dh" build system. 510 * Added quagga-dbg package. 511 512 -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200 513 514quagga (0.99.20-1) unstable; urgency=low 515 516 * New upstream release: 517 "The primary focus of this release is a fix of SEGV regression in ospfd, 518 which was introduced in 0.99.19. It also features a series of minor 519 improvements, including better RFC compliance in bgpd, better support 520 of FreeBSD and some enhancements to isisd." 521 * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488 522 523 -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200 524 525quagga (0.99.19-1) unstable; urgency=high 526 527 * SECURITY: 528 "This release provides security fixes, which address assorted 529 vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323, 530 CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327). 531 * New upstream release. 532 * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch. 533 * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch. 534 * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5. 535 536 -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200 537 538quagga (0.99.18-1) unstable; urgency=low 539 540 * SECURITY: 541 "This release fixes 2 denial of services in bgpd, which can be remotely 542 triggered by malformed AS-Pathlimit or Extended-Community attributes. 543 These issues have been assigned CVE-2010-1674 and CVE-2010-1675. 544 Support for AS-Pathlimit has been removed with this release." 545 * Added Brazilian Portuguese debconf translation. Closes: #617735 546 * Changed section for quagga-doc from "doc" to "net". 547 * Added patch to fix FTBFS with latest GCC. Closes: #614459 548 549 -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100 550 551quagga (0.99.17-4) unstable; urgency=low 552 553 * Added comment to init script (thanks to Marc Haber). Closes: #599524 554 555 -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100 556 557quagga (0.99.17-3) unstable; urgency=low 558 559 * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu). 560 Closes: #609555 561 562 -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100 563 564quagga (0.99.17-2) unstable; urgency=low 565 566 * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259 567 568 -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200 569 570quagga (0.99.17-1) unstable; urgency=high 571 572 * SECURITY: 573 "This release provides two important bugfixes, which address remote crash 574 possibility in bgpd discovered by CROSS team.": 575 1. Stack buffer overflow by processing certain Route-Refresh messages 576 CVE-2010-2948 577 2. DoS (crash) while processing certain BGP update AS path messages 578 CVE-2010-2949 579 Closes: #594262 580 581 -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200 582 583quagga (0.99.16-1) unstable; urgency=low 584 585 * New upstream release. Closes: #574527 586 * Added chrpath to debian/rules to fix rpath problems that lintian spottet. 587 588 -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100 589 590quagga (0.99.15-2) unstable; urgency=low 591 592 * Applied patch for off-by-one bug in ospf6d that caused a segmentation 593 fault when using the "area a.b.c.d filter-list prefix" command (thanks 594 to Steinar H. Gunderson). Closes: 519488 595 596 -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100 597 598quagga (0.99.15-1) unstable; urgency=low 599 600 * New upstream release 601 "This fixes some annoying little ospfd and ospf6d regressions, which made 602 0.99.14 a bit of a problem release (...) This release still contains a 603 regression in the "no ip address ..." command, at least on Linux. 604 See bug #486, which contains a workaround patch. This release should be 605 considered a 1.0.0 release candidate. Please test this release as widely 606 as possible." 607 * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst). 608 Closes: #517860 609 * Added Russian Debconf tanslation (thanks to Yuri Kozlov). 610 Closes: #539464 611 * Removed so-version in build-dep to libreadline-dev on request of 612 Matthias Klose. 613 * Added README.source with reference to dpatch as suggested by lintian. 614 * Bumped standards versionto 3.8.3. 615 616 -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200 617 618quagga (0.99.14-1) unstable; urgency=low 619 620 * New upstream release 621 "This release contains a regression fix for ospf6d, various small fixes 622 and some hopefully very significant bgpd stability fixes. 623 This release should be considered a 1.0.0 release candidate. Please test 624 this release as widely as possible." 625 * Fixes bug with premature LSA aging in ospf6d. Closes: #535030 626 * Fixes section number in zebra.8 manpage. Closes: #517860 627 628 -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200 629 630quagga (0.99.13-2) unstable; urgency=low 631 632 * Added Japanese Debconf translation (thanks to Hideki Yamane). 633 Closes: #510714 634 * When checking for obsoleted config options in preinst, print filename 635 where it occures (thanks to Michael Bussmann). Closes: #339489 636 637 -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200 638 639quagga (0.99.13-1) unstable; urgency=low 640 641 * New upstream release 642 "This release is contains a number of small fixes, for potentially 643 irritating issues, as well as small enhancements to vtysh and support 644 for linking to PCRE (a much faster regex library)." 645 * Added build-dep to gawk as configure required it for memtypes.awk 646 * Replaced build-dep to gs-gpl with ghostscript as requested by lintian 647 * Minor changes to copyright and control files to make lintian happy. 648 649 -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200 650 651quagga (0.99.12-1) unstable; urgency=high 652 653 * New upstream release 654 "This release fixes an urgent bug in bgpd where it could hit an assert 655 if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes: 656 + [bgpd] Fix bgp ipv4/ipv6 accept handling 657 + [bgpd] AS4 bugfix by Chris Caputo 658 + [bgpd] Allow accepted peers to progress even if realpeer is in Connect 659 + [ospfd] Switch Fletcher checksum back to old ospfd version 660 661 -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200 662 663quagga (0.99.11-1) unstable; urgency=low 664 665 * New upstream release 666 "Most regressions in 0.99 over 0.98 are now believed to be fixed. This 667 release should be considered a release-candidate for a new stable series." 668 + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged 669 + zebra: ignore dead routes in RIB update 670 + [ospfd] Default route needs to be refreshed after neighbour state change 671 + [zebra:netlink] Set proto/scope on all route update messages 672 * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support. 673 674 -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200 675 676quagga (0.99.10-1) unstable; urgency=medium 677 678 * New upstream release 679 + bgpd: 4-Byte AS Number support 680 + Sessions were incorrectly reset if a partial AS-Pathlimit attribute 681 was received. 682 + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been 683 broken in the 0.99.9 release. Closes: #467656 684 685 -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200 686 687quagga (0.99.9-6) unstable; urgency=low 688 689 * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes). 690 Closes: #469891 691 692 -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200 693 694quagga (0.99.9-5) unstable; urgency=low 695 696 * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3 697 which is supposed to be faster. 698 699 -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100 700 701quagga (0.99.9-4) unstable; urgency=low 702 703 * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff). 704 705 -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100 706 707quagga (0.99.9-3) unstable; urgency=low 708 709 * Replaced the BGP patch by a new one so that the package builds again 710 with kernels above 2.6.21! 711 * debian/control: 712 + Moved quagga-doc to section doc to make lintian happy. 713 * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo). 714 Closes: #428574 715 * debian/control: (thanks to Marco Rodrigues) 716 + Bump Standards-Version to 3.7.3 (no changes needed). 717 + Add Homepage field. 718 719 -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100 720 721quagga (0.99.9-2.1) unstable; urgency=low 722 723 * Non-maintainer upload. 724 * debian/rules: fixed bashisms. (Closes: #459122) 725 726 -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300 727 728quagga (0.99.9-2) unstable; urgency=low 729 730 * Added CVE id for the security bug to the last changelog entry. 731 Closes: 442133 732 733 -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200 734 735quagga (0.99.9-1) unstable; urgency=high 736 737 * SECURITY: 738 "This release fixes two potential DoS conditions in bgpd, reported by Mu 739 Security, where a bgpd could be crashed if a peer sent a malformed OPEN 740 message or a malformed COMMUNITY attribute. Only configured peers can do 741 this, hence we consider these issues to be very low impact." CVE-2007-4826 742 743 -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200 744 745quagga (0.99.8-1) unstable; urgency=low 746 747 * New upstream version. 748 749 -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200 750 751quagga (0.99.7-3) unstable; urgency=medium 752 753 * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr 754 and Lucas Nussbaum). Closes: #429003 755 756 -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200 757 758quagga (0.99.7-2) unstable; urgency=low 759 760 * Added Florian Weimar as co-maintainer. Closes: 421977 761 * Added Dutch debconf translation (thanks to Bart Cornelis). 762 Closes: #420932 763 * Added Portuguese debconf translation (thanks to Rui Branco). 764 Closes: #421185 765 * Improved package description (thanks to Reuben Thomas). 766 Closes: #418933 767 * Added CVE Id to 0.99.6-5 changelog entry. 768 769 -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200 770 771quagga (0.99.7-1) unstable; urgency=low 772 773 * New upstream release. Closes: #421553 774 775 -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200 776 777quagga (0.99.6-6) unstable; urgency=medium 778 779 * Fixes FTBFS with tetex-live. Closes: #420468 780 781 -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200 782 783quagga (0.99.6-5) unstable; urgency=high 784 785 * SECURITY: 786 The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers 787 could cause a Quagga bgpd to, typically, assert() and abort. The DoS 788 could be triggered by peers by sending an UPDATE message with a crafted, 789 malformed Multi-Protocol reachable/unreachable NLRI attribute. 790 This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323 791 792 -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200 793 794quagga (0.99.6-4) unstable; urgency=low 795 796 * Improved note in README.Debian for SNMP self-builders (thanks to Matthias 797 Wamser). Closes: #414788 798 799 -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100 800 801quagga (0.99.6-3) unstable; urgency=low 802 803 * Updated German Debconf translation (thanks to Matthias Julius). 804 Closes: #409327 805 806 -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100 807 808quagga (0.99.6-2) unstable; urgency=low 809 810 * Updated config.guess/config.sub as suggested by lintian. 811 * Corrected README.Debian text regarding the WANT_SNMP flag. 812 813 -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100 814 815quagga (0.99.6-1) unstable; urgency=low 816 817 * New upstream release. Closes: #402361 818 819 -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100 820 821quagga (0.99.5-5) unstable; urgency=high 822 823 * Changed Depends on adduser to Pre-Depends to avoid uninstallability 824 in certain cases (thanks to Steve Langasek, Lucas Nussbaum). 825 Closes: #398562 826 827 -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100 828 829quagga (0.99.5-4) unstable; urgency=low 830 831 * Added default PAM file and some explanations regarding PAM authentication 832 of vtysh which could prevent the start at boot-time when used wrong. 833 Now PAM permits anybody to access the vtysh tool (a malicious user could 834 build his own vtysh without PAM anyway) and the access is controled by 835 the read/write permissions of the vtysh socket which are only granted to 836 users belonging to the quaggavty group (thanks to Wakko Warner). 837 Closes: #389496 838 * Added "case" to prerm script so that the Debconf question is not called a 839 second time in e.g. "new-prerm abort-upgrade" after being NACKed in the 840 old-prerm. 841 842 -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100 843 844quagga (0.99.5-3) unstable; urgency=medium 845 846 * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt 847 Brown). Closes: #391040 848 849 -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200 850 851quagga (0.99.5-2) unstable; urgency=medium 852 853 * Added LSB info section to initscript. 854 * Removed unnecessary depends to libncurses5 to make checklib happy. 855 The one to libcap should remain though as it is just temporarily 856 unused. 857 858 -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200 859 860quagga (0.99.5-1) unstable; urgency=low 861 862 * New upstream release. Closes: #38704 863 * Upstream fixes ospfd documentary inconsistency. Closes: #347897 864 * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak). 865 866 -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200 867 868quagga (0.99.4-4) unstable; urgency=low 869 870 * Recreate /var/run if not present because /var is e.g. on a tmpfs 871 filesystem (thanks to Martin Pitt). Closes: #376142 872 * Removed nonexistant option from ospfd.8 manpage (thanks to 873 David Medberry). Closes: 378274 874 875 -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200 876 877quagga (0.99.4-3) unstable; urgency=low 878 879 * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle). 880 881 -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200 882 883quagga (0.99.4-2) unstable; urgency=high 884 885 * Set urgency to high as 0.99.4-1 fixes a security problem! 886 * Fixed building of the info file. 887 888 -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200 889 890quagga (0.99.4-1) unstable; urgency=low 891 892 * New upstream release to fix a security problem in the telnet interface 893 of the BGP daemon which could be used for DoS attacks (CVE-2006-2276). 894 Closes: 366980 895 896 -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200 897 898quagga (0.99.3-3) unstable; urgency=low 899 900 * Added CVE numbers for the security patch in 0.99.3-2. 901 902 -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200 903 904quagga (0.99.3-2) unstable; urgency=high 905 906 * SECURITY: 907 Added security bugfix patch from upstream BTS for security problem 908 that could lead to injected routes when using RIPv1. 909 CVE-2006-2223 - missing configuration to disable RIPv1 or require 910 plaintext or MD5 authentication 911 CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements 912 Closes: #365940 913 * First amd64 upload. 914 915 -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200 916 917quagga (0.99.3-1) unstable; urgency=low 918 919 * New upstream release 920 921 -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100 922 923quagga (0.99.2-1) unstable; urgency=low 924 925 * New upstream release 926 Closes: #330248, #175553 927 928 -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100 929 930quagga (0.99.1-7) unstable; urgency=low 931 932 * Changed debian/rules check for mounted /proc directory to check 933 for /proc/1 as not all systems (e.g. 2.6 arm kernels) have 934 /proc/kcore which is a optional feature only (thanks to Lennert 935 Buytenhek). Closes: #335695 936 * Added Swedish Debconf translation (thanks to Daniel Nylander). 937 Closes: #331367 938 939 -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200 940 941quagga (0.99.1-6) unstable; urgency=low 942 943 * Fixed debconf dependency as requested by Joey Hess. 944 945 -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200 946 947quagga (0.99.1-5) unstable; urgency=low 948 949 * Rebuild with libreadline5-dev as build-dep as requested by 950 Matthias Klose. Closes: #326306 951 * Made initscript more fault tolerant against missing lines in 952 /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774 953 * Added dependency to adduser. 954 955 -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200 956 957quagga (0.99.1-4) unstable; urgency=low 958 959 * Added French Debconf translation (thanks to Mohammed Adnene Trojette). 960 Closes: #319324 961 * Added Czech Debconf translation (thanks to Miroslav Kure). 962 Closes: #318127 963 964 -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200 965 966quagga (0.99.1-3) unstable; urgency=low 967 968 * A Debconf question now asks the admin before upgrading if the daemon 969 should really be stopped as this could lead to the loss of network 970 connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis). 971 Also added a hint about setting Quagga "on hold" to README.Debian. 972 Closes: #315467 973 * Added patch to build on Linux/ARM. 974 975 -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200 976 977quagga (0.99.1-2) unstable; urgency=low 978 979 * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter). 980 Closes: #306840 981 982 -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200 983 984quagga (0.99.1-1) unstable; urgency=low 985 986 * New upstream version. Among others: 987 - BGP graceful restart and "match ip route-source" added 988 - support for interface renaming 989 - improved threading for better responsivness under load 990 * Switched to dpatch to make diffs cleaner. 991 * Made autoreconf unnecessary. 992 * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc. 993 (the PostScript would have needed Makefile corrections and PDF 994 is more preferable anyway) 995 * Added isisd to the list of daemons in /etc/init.d/quagga (thanks 996 to Ernesto Elbe). 997 * Added hint for "netlink-listen: overrun" messages (thanks to 998 Hasso Tepper). 999 * Added preinst check that bails out if old smux options are in use 1000 as Quagga would not start up else anyway (thanks to Bjorn Mork). 1001 Closes: #308320 1002 1003 -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200 1004 1005quagga (0.98.3-7) unstable; urgency=high 1006 1007 * Removed SNMP support as linking against NetSNMP introduced a dependency 1008 to OpenSSL which is not compatible to the GPL which governs this 1009 application (thanks to Faidon Liambotis). See README.Debian for more 1010 information. Closes: #306840 1011 * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1". 1012 * Added build-dep to groff to let drafz-zebra-00.txt build correctly. 1013 1014 -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200 1015 1016quagga (0.98.3-6) testing-proposed-updates; urgency=high 1017 1018 * Removed "Recommends kernel-image-2.4" as aptitude then 1019 installes a kernel-image for an arbitrary architecture as long 1020 as it fullfill that recommendation which can obviously fatal 1021 at the next reboot :) Also it is a violation of the policy 1022 which mandates a reference to real packages (thanks to Holger Levsen). 1023 Closes: #307281 1024 1025 -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200 1026 1027quagga (0.98.3-5) unstable; urgency=high 1028 1029 * The patch which tried to remove the OpenSSL dependency, which is 1030 not only unneccessary but also a violation of the licence and thus RC, 1031 stopped working a while ago, since autoreconf is no longer run before 1032 building the binaries. So now ./configure is patched directly (thanks 1033 to Faidon Liambotis for reporting). Closes: #306840 1034 * Raised Debhelper compatibility level from 3 to 4. Nothing changed. 1035 * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org. 1036 1037 -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200 1038 1039quagga (0.98.3-4) unstable; urgency=low 1040 1041 * Removed Debconf upgrade note as it was considered a Debconf abuse 1042 and apart from that so obvious that it was not even worth to be 1043 put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384 1044 1045 -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200 1046 1047quagga (0.98.3-3) unstable; urgency=medium 1048 1049 * Adding the debconf module due to a lintian suggestion is a very 1050 bad idea if no db_stop is called as the script hangs then (thanks 1051 to Tore Anderson for reporting). Closes: #306324 1052 1053 -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200 1054 1055quagga (0.98.3-2) unstable; urgency=low 1056 1057 * Added debconf confmodule to postinst as lintian suggested. 1058 1059 -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200 1060 1061quagga (0.98.3-1) unstable; urgency=low 1062 1063 * New upstream release. 1064 Mmost notably fixes last regression in bgpd (reannounce of prefixes 1065 with changed attributes works again), race condition in netlink 1066 handling while using IPv6, MTU changes handling in ospfd and several 1067 crashes in ospfd, bgpd and ospf6d. 1068 1069 -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200 1070 1071quagga (0.98.2-2) unstable; urgency=low 1072 1073 * Added patch to let Quagga compile with gcc-4.0 (thanks to 1074 Andreas Jochens). Closes: #300949 1075 1076 -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100 1077 1078quagga (0.98.2-1) unstable; urgency=medium 1079 1080 * Quoting the upstream announcement: 1081 The 0.98.1 release unfortunately was a brown paper bag release with 1082 respect to ospfd. [...] 0.98.2 has been released, with one crucial change 1083 to fix the unfortunate mistake in 0.98.1, which caused problems if 1084 ospfd became DR. 1085 * Note: the upstream tarball had a strange problem, apparently redhat.spec 1086 was twice in it? At least debuild gave a strange error message so I 1087 unpacked it by hand. No changes were made to the .orig.tar.gz! 1088 1089 -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100 1090 1091quagga (0.98.1-1) unstable; urgency=medium 1092 1093 * New upstream version 1094 "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load 1095 regression in bgpd which were present in the 0.98.0 release." 1096 * Upstream version fixes bug in ospfd that could lead to crash when OSPF 1097 packages had a MTU > 1500. Closes: #290566 1098 * Added notice regarding capability kernel support to README.Debian 1099 (thanks to Florian Weimer). Closes: #291509 1100 * Changed permission setting in postinst script (thanks to Bastian Blank). 1101 Closes: #292690 1102 1103 -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100 1104 1105quagga (0.98.0-3) unstable; urgency=low 1106 1107 * Fixed problem in init script. Closes: #290317 1108 * Removed obsolete "smux peer enable" patch. 1109 1110 -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100 1111 1112quagga (0.98.0-2) unstable; urgency=low 1113 1114 * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney 1115 for telling me). 1116 1117 -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100 1118 1119quagga (0.98.0-1) unstable; urgency=low 1120 1121 * New upstream release 1122 * Added kernel-image-2.6 as alternative to 2.4 to the recommends 1123 (thanks to Faidon Liambotis). Closes: #289530 1124 1125 -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100 1126 1127quagga (0.97.5-1) unstable; urgency=low 1128 1129 * New upstream version. 1130 * Added Czech debconf translation (thanks to Miroslav Kure). 1131 Closes: #287293 1132 * Added Brazilian debconf translation (thanks to Andre Luis Lopes). 1133 Closes: #279352 1134 1135 -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100 1136 1137quagga (0.97.4-2) unstable; urgency=low 1138 1139 * Fixed quagga.info build problem. 1140 1141 -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100 1142 1143quagga (0.97.4-1) unstable; urgency=low 1144 1145 * New upstream release. 1146 1147 -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100 1148 1149quagga (0.97.3-2) unstable; urgency=low 1150 1151 * Included isisd in the daemon list. 1152 * Wrote an isisd manpage. 1153 * It is now ensured that zebra is always the last daemon to be stopped. 1154 * (Thanks to Hasso Tepper for mailing me a long list of suggestions 1155 which lead to this release) 1156 1157 -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100 1158 1159quagga (0.97.3-1) unstable; urgency=medium 1160 1161 * New upstream version. 1162 - Fixes important OSPF bug. 1163 * Added ht-20040911-smux.patch regarding Quagga bug #112. 1164 * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5 1165 (thanks to Matthias Wamser). 1166 1167 -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100 1168 1169quagga (0.97.2-4) unstable; urgency=low 1170 1171 * Added Portuguese debconf translation (thanks to Andre Luis Lopes). 1172 Closes: #279352 1173 * Disabled ospfapi server by default on recommendation of Paul Jakma. 1174 1175 -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100 1176 1177quagga (0.97.2-3) unstable; urgency=low 1178 1179 * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729]. 1180 1181 -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100 1182 1183quagga (0.97.2-2) unstable; urgency=low 1184 1185 * Changed file and directory permissions and ownerships according to a 1186 suggestion from Paul Jakma. Still not perfect though. 1187 * Fixed upstream vtysh.conf.sample file. 1188 * "ip ospf network broadcast" is now saved correctly. Closes: #244116 1189 * Daemon options are now in /etc/quagga/debian.conf to be user 1190 configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715 1191 1192 -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200 1193 1194quagga (0.97.2-1) unstable; urgency=low 1195 1196 * New upstream version. 1197 Closes: #254541 1198 * Fixed warning on unmodular kernels (thanks to Christoph Biedl). 1199 Closes: #277973 1200 1201 -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200 1202 1203quagga (0.97.1-2) unstable; urgency=low 1204 1205 * Version 0.97 introduced shared libraries. They are now included. 1206 (thanks to Raf D'Halleweyn). Closes: #277446 1207 1208 -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200 1209 1210quagga (0.97.1-1) unstable; urgency=low 1211 1212 * New upstream version. 1213 * Removed some obsolete files from debian/patches. 1214 * Added patch from upstream bug 113. Closes: #254541 1215 * Added patch from upstream that fixes a compilation problem in the 1216 ospfclient code (thanks to Hasso Tepper). 1217 * Updated German debconf translation (thanks to Jens Nachtigall) 1218 Closes: #277059 1219 1220 -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200 1221 1222quagga (0.96.5-11) unstable; urgency=low 1223 1224 * Fixed /tmp/buildd/* paths in binaries. 1225 For some unknown reason the upstream Makefile modified a .h file at 1226 the end of the "debian/rules build" target. During the following 1227 "make install" one library got thus be re*compiled* - with /tmp/buildd 1228 paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050 1229 1230 -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200 1231 1232quagga (0.96.5-10) unstable; urgency=medium 1233 1234 * The BGP routing daemon might freeze on network disturbances when 1235 their peer is also a Quagga/Zebra router. 1236 Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102 1237 which has been confirmed by the upstream author. 1238 (thanks to Gunther Stammwitz) 1239 * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper). 1240 Closes: #264562 1241 * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919 1242 1243 -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200 1244 1245quagga (0.96.5-9) unstable; urgency=low 1246 1247 * Rewrote the documentation chapter about SNMP support. Closes: #195653 1248 * Added MPLS docs. 1249 1250 -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200 1251 1252quagga (0.96.5-8) unstable; urgency=low 1253 1254 * Adjusted a grep in the initscript to also match a modprobe message 1255 from older modutils packages (thanks to Faidon Paravoid). 1256 1257 -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200 1258 1259quagga (0.96.5-7) unstable; urgency=low 1260 1261 * Added a "cd /etc/quagga/" to the init script as quagga tries to load 1262 the config file first from the current working dir and then from the 1263 config dir which could lead to confusion (thanks to Marco d'Itri). 1264 Closes: #255078 1265 * Removed warning regarding problems with the Debian kernels from 1266 README.Debian as they are no longer valid (thanks to Raphael Hertzog). 1267 Closes: #257580 1268 * Added patch from Hasso Tepper that makes "terminal length 0" work 1269 in vtysh (thanks to Matthias Wamser). Closes: #252579 1270 1271 -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200 1272 1273quagga (0.96.5-6) unstable; urgency=low 1274 1275 * Try to load the capability module as it is needed now. 1276 1277 -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200 1278 1279quagga (0.96.5-5) unstable; urgency=low 1280 1281 * Changed the homedir of the quagga user to /etc/quagga/ to allow 1282 admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser). 1283 Closes: #252577 1284 1285 -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200 1286 1287quagga (0.96.5-4) unstable; urgency=medium 1288 1289 * Fixed rules file to use the renamed ./configure option --enable-tcp-md5 1290 (thanks to Matthias Wamser). Closes: #252141 1291 1292 -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200 1293 1294quagga (0.96.5-3) unstable; urgency=low 1295 1296 * Provided default binary package name to all build depends that were 1297 virtual packages (thanks to Goswin von Brederlow). Closes: #251625 1298 1299 -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200 1300 1301quagga (0.96.5-2) unstable; urgency=low 1302 1303 * New upstream version. 1304 * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper). 1305 Closes: #250985 1306 * Fixes info file generation (thanks to Peder Chr. Norgaard). 1307 Closes: #250992 1308 * Added catalan debconf translation (thanks to Aleix Badia i Bosch). 1309 Closes: #250118 1310 * PATCHES: 1311 This release contains BGP4 MD5 support which requires a kernel patch 1312 to work. See /usr/share/doc/quagga/README.Debian.MD5. 1313 (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper) 1314 1315 -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200 1316 1317quagga (0.96.5-1) unstable; urgency=low 1318 1319 * New upstream version. 1320 * PATCHES: 1321 This release contains BGP4 MD5 support which also requires a kernel patch. 1322 See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230. 1323 1324 -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200 1325 1326quagga (0.96.4x-10) unstable; urgency=low 1327 1328 * SECURITY: 1329 This release contains support for MD5 for BGP which is one suggested 1330 prevention of the actually long known TCP SYN/RST attacks which got 1331 much news in the last days as ideas were revealed that made them much 1332 easier probable agains especially the BGP sessions than commonly known. 1333 There are a lot of arguments agains the MD5 approach but some ISPs 1334 started to require it. 1335 See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html 1336 * PATCHES: 1337 This release contains the MD5 patch from Hasso Tepper. It also seems to 1338 required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5. 1339 1340 -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200 1341 1342quagga (0.96.4x-9) unstable; urgency=low 1343 1344 * Fixed daemon loading order (thanks to Matt Kemner). 1345 * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582 1346 1347 -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200 1348 1349quagga (0.96.4x-8) unstable; urgency=low 1350 1351 * Patched upstream source so that quagga header files end up in 1352 /usr/include/quagga/. Closes: #233792 1353 1354 -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100 1355 1356quagga (0.96.4x-7) unstable; urgency=low 1357 1358 * Fixed info file installation (thanks to Holger Dietze). Closes: #227579 1359 * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812 1360 1361 -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100 1362 1363quagga (0.96.4x-6) unstable; urgency=low 1364 1365 * Added dependency to iproute. 1366 * Initscript now checks not only for the pid file but also for the 1367 daemons presence (thanks to Phil Gregory). Closes: #224389 1368 * Added my patch to configure file permissions. 1369 1370 -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100 1371 1372quagga (0.96.4x-5) unstable; urgency=low 1373 1374 * Added patch which gives bgpd the CAP_NET_RAW capability to allow it 1375 to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank). 1376 Closes: #222930 1377 * Made woody backport easier by applying Colin Watsons po-debconf hack. 1378 Thanks to Marc Haber for suggesting it. Closes: #223527 1379 * Made woody backport easier by applying a patch that removes some 1380 obscure whitespaces inside an C macro. (Thanks to Marc Haber). 1381 Closes: #223529 1382 * Now uses /usr/bin/pager. Closes: #204070 1383 * Added note about the "official woody backports" on my homepage. 1384 1385 -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100 1386 1387quagga (0.96.4x-4) unstable; urgency=high 1388 1389 * SECURITY: 1390 Fixes another bug that was originally reported against Zebra. 1391 . 1392 http://rhn.redhat.com/errata/RHSA-2003-307.html 1393 Herbert Xu reported that Zebra can accept spoofed messages sent on the 1394 kernel netlink interface by other users on the local machine. This could 1395 lead to a local denial of service attack. The Common Vulnerabilities and 1396 Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to 1397 this issue. 1398 1399 * Minor improvements to init script (thanks to Iustin Pop). 1400 Closes: #220938 1401 1402 -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100 1403 1404quagga (0.96.4x-3) unstable; urgency=low 1405 1406 * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or 1407 $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070 1408 * Made the directory (but not the config/log files!) world accessible 1409 again on user request (thanks to Anand Kumria)). Closes: #213129 1410 * No longer providing sample configuration in /etc/quagga/. They are 1411 now only available in /usr/share/doc/quagga/ to avoid accidently 1412 using them without changing the adresses (thanks to Marc Haber). 1413 Closes: #215918 1414 1415 -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100 1416 1417quagga (0.96.4x-2) unstable; urgency=low 1418 1419 * Fixed permission problem with pidfile (thanks to Kir Kostuchenko). 1420 Closes: #220938 1421 1422 -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100 1423 1424quagga (0.96.4x-1) unstable; urgency=low 1425 1426 * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally 1427 crappy .tar.gz file. Closes: #220621 1428 1429 -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100 1430 1431quagga (0.96.4-1) unstable; urgency=high 1432 1433 * SECURITY: Remote DoS of protocol daemons. 1434 Fix for a remote triggerable crash in vty layer. The management 1435 ports ("telnet myrouter ospfd") should not be open to the internet! 1436 1437 * New upstream version. 1438 - OSPF bugfixes. 1439 - Some improvements for bgp and rip. 1440 1441 -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100 1442 1443quagga (0.96.3-3) unstable; urgency=low 1444 1445 * Fixed pid file generation by substituting the daemons "-d" by the 1446 start-stop-daemon option "--background" (thanks to Micha Gaisser). 1447 Closes: #218103 1448 1449 -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100 1450 1451quagga (0.96.3-2) unstable; urgency=low 1452 1453 * Readded GNOME-PRODUCT-ZEBRA-MIB. 1454 1455 -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200 1456 1457quagga (0.96.3-1) unstable; urgency=medium 1458 1459 * New upstream version. 1460 * Removed -u and -e in postrm due to problems with debhelper and userdel 1461 (thanks to Adam Majer and Jaakko Niemi). Closes: #216770 1462 * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to 1463 David Engel and Peter Gervai). Closes: #216138, #216086 1464 * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915 1465 * Improved /proc check (thanks to Marc Haber). Closes: #212331 1466 1467 -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200 1468 1469quagga (0.96.2-9) unstable; urgency=medium 1470 1471 * Removed /usr/share/info/dir.* which were accidently there and prevented 1472 the installation by dpkg (thanks to Simon Raven). Closes: #212614 1473 * Reworded package description (thanks to Anand Kumria). Closes: #213125 1474 * Added french debconf translation (thanks to Christian Perrier). 1475 Closes: #212803 1476 1477 -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200 1478 1479quagga (0.96.2-8) unstable; urgency=low 1480 1481 * debian/rules now checks if /proc is mounted as ./configure needs 1482 it but just fails with an obscure error message if it is absent. 1483 (Thanks to Norbert Tretkowski). Closes: #212331 1484 1485 -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200 1486 1487quagga (0.96.2-7) unstable; urgency=low 1488 1489 * Last build was rejected due to a buggy dpkg-dev version. Rebuild. 1490 1491 -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200 1492 1493quagga (0.96.2-6) unstable; urgency=low 1494 1495 * Fixed init script so that is is now possible to just start 1496 the bgpd but not the zebra daemon. Also daemons are now actually 1497 started in the order defined their priority. (Thanks to Thomas Kaehn 1498 and Jochen Friedrich) Closes: #210924 1499 1500 -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200 1501 1502quagga (0.96.2-5) unstable; urgency=low 1503 1504 * For using quagga as BGP route server or similar, it is not 1505 wanted to have the zebra daemon running too. For this reason 1506 it can now be disabled in /etc/quagga/daemons, too. 1507 (Thanks to Jochen Friedrich). Closes: #210924 1508 * Attached *unapplied* patch for the ISIS protocol. I did not dare 1509 to apply it as long as upstream does not do it but this way give 1510 users the possibilities to use it if they like to. 1511 (Thanks to Remco van Mook) 1512 1513 -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200 1514 1515quagga (0.96.2-4) unstable; urgency=low 1516 1517 * Enabled IPV6 router advertisement feature by default on user request 1518 (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732 1519 * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to 1520 lamont). Closes: #210492 1521 1522 -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200 1523 1524quagga (0.96.2-3) unstable; urgency=medium 1525 1526 * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL 1527 which would require further copyright addtions. 1528 1529 -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200 1530 1531quagga (0.96.2-2) unstable; urgency=low 1532 1533 * Added note that config files of quagga are in /etc/quagga and 1534 not /etc/zebra for the zebra users that migrate to quagga. 1535 (Thanks to Roberto Suarez Soto for the idea) 1536 * Fixed setgid rights in /etc/quagga. 1537 1538 -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200 1539 1540quagga (0.96.2-1) unstable; urgency=low 1541 1542 * This package has formally been known as "zebra-pj"! 1543 * New upstream release. 1544 Fixes "anoying OSPF problem". 1545 * Modified group ownerships so that vtysh can now be used by normal 1546 uses if they are in the quaggavty group. 1547 1548 -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200 1549 1550quagga (0.96.1-1) unstable; urgency=low 1551 1552 * Zebra-pj, the fork of zebra has been renamed to quagga as the original 1553 upstream author asked the new project membed not to use "zebra" in the 1554 name. zebra-pj is obsolete. 1555 1556 -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200 1557 1558zebra-pj (0.94+cvs20030721-1) unstable; urgency=low 1559 1560 * New CVS build. 1561 - OSPF changes (integration of the OSPF API?) 1562 - code cleanups (for ipv6?) 1563 * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd. 1564 This is a known problem and has been discussed on the mailing list. 1565 No other solutions so far. 1566 1567 -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200 1568 1569zebra-pj (0.94+cvs20030701-1) unstable; urgency=low 1570 1571 * Initial Release. 1572 1573 -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200 1574