On Mon, Apr 29, 2024 at 06:05:08PM +0200, Daniel Baumann wrote:
> my initial attempt in 10.0-0.2 to link with libatomic didn't work, I've
> fixed that locally but a build to confirming on an armel porterbox is
> runnning before uploading 10.0-0.3 in some minutes..
I've synced in (all of) your ch
On Mon, Mar 18, 2024 at 12:42:56AM +0100, Sebastian Ramacher wrote:
> Source: frr
> Version: 9.1-0.1
> Justification: fails to build from source (but built successfully in the past)
[...]
> https://buildd.debian.org/status/fetch.php?pkg=frr&arch=armel&ver=9.1-0.1&stamp=1710631814&raw=0
[...]
> ./bu
Fixed upstream in 9f1ba873637fd6ce4a2d366eafcf41402775852b for 8.4,
pending pick-up together with fix for #1036062 / CVE-2023-31490.
(Would bump to upstream 8.4.4 if that's acceptable?)
-equi
Fixed upstream in 9f1ba873637fd6ce4a2d366eafcf41402775852b on stable/8.4
branch.
Debian fix incoming with bump to 8.4.4 if that's OK? That wouldn't be a
targeted security fix, but FRR minor versions are bugfix-only.
-equi
Argh, wrong bug, previous mail was for 1036061.
On Tue, Jun 13, 2023 at 03:17:52PM +0200, David Lamparter wrote:
> Fixed upstream in 9f1ba873637fd6ce4a2d366eafcf41402775852b on stable/8.4
> branch.
CVE-2023-31489 / 1036062 was fixed upstream on master but not backported
to 8.4 yet; now p
notfound 1035829 frr/8.4.2-1
stop
On Tue, May 09, 2023 at 09:19:30PM +0200, Moritz Mühlenhoff wrote:
> CVE-2022-43681[0]:
> CVE-2022-40318[1]:
> CVE-2022-40302[2]:
All 3 issues are fixed/not present in 8.4 and thus also 8.4.2-1:
- CVE-2022-43681 - 6c4ca9812976596bf8b5226600269fc4031f1422
- CVE-2
Package: libyang0.16
Version: 0.16.105-1
Tags: security
Severity: grave
This is a security issue tracking bug for CVEs:
- CVE-2019-19333
- CVE-2019-19334
Both issues are bugs in processing YANG models and may affect users
loading or validating untrusted YANG models. This is a relatively rare
use
On Sat, Nov 09, 2019 at 03:33:05AM +0100, Andreas Beckmann wrote:
> Package: frr
> Version: 7.2-1
> Severity: serious
>
> during a test with piuparts I noticed your package failed to install
> because it tries to overwrite other packages files.
[...]
> dpkg: error processing archive
> /tmp/apt-
Hi Andreas,
I've added Conflicts: lines, as that seemed to be the most conservative
option to me. ("Replaces: quagga" is a 'layer 9' discussion that I
think it's a bit early to have at this point.)
If you have any comments/opinions/input, I'd appreciate that.
Diff is at:
https://github.com/FRRo
Hi Andreas,
Thanks for the report!
On Mon, Feb 04, 2019 at 07:26:59PM +0100, Andreas Beckmann wrote:
> if I understood the changelog entry correctly, frr is a successor to
> quagga. There are a lot of Breaks+Replaces missing for taking over files
> owned by quagga-*:
FRR is indeed a (the?) succ
Hi Adrian,
On Mon, Feb 04, 2019 at 04:11:45PM +0200, Adrian Bunk wrote:
> There are two bugs:
> 1. build depending on the shared library package is
>usually a bug, the -dev should pull in everything
> 2. the unstable buildds only consider the first alternative
Thanks for the report! Fix is
11 matches
Mail list logo
