buildroot/package/quagga, branch 2019.02-op-build

Merge branch 'next'

2018-12-02T07:16:10+00:00

Signed-off-by: Peter Korsgaard

package/quagga: add nhrpd option

2018-12-01T21:47:13+00:00

Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni

package/quagga: bump to version 1.2.3

2018-12-01T21:47:01+00:00

- Remove all patches except the first one as they are already in this version - Remove AUTORECONF = YES as we're not patching any *.ac files anymore - Disable new nhrpd option - Add hash for license file Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni

quagga: fix BR2_PACKAGE_QUAGGA_TCP_ZEBRA

2018-12-01T20:50:29+00:00

Since bump to version 0.99.21 and commit b20c77321fa87f880ead2f27ecf19fd7c4f436da, BR2_PACKAGE_QUAGGA_TCP_ZEBRA has been wrongly rename into BR2_PACKAGE_QUAGGA_TCP_ZERBRA Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni

quagga: add upstream security fixes

2018-02-19T22:48:35+00:00

Fixes the following security issues: CVE-2018-5378 It was discovered that the Quagga BGP daemon, bgpd, does not properly bounds check data sent with a NOTIFY to a peer, if an attribute length is invalid. A configured BGP peer can take advantage of this bug to read memory from the bgpd process or cause a denial of service (daemon crash). https://www.quagga.net/security/Quagga-2018-0543.txt CVE-2018-5379 It was discovered that the Quagga BGP daemon, bgpd, can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes, resulting in a denial of service (bgpd daemon crash). https://www.quagga.net/security/Quagga-2018-1114.txt CVE-2018-5380 It was discovered that the Quagga BGP daemon, bgpd, does not properly handle internal BGP code-to-string conversion tables. https://www.quagga.net/security/Quagga-2018-1550.txt CVE-2018-5381 It was discovered that the Quagga BGP daemon, bgpd, can enter an infinite loop if sent an invalid OPEN message by a configured peer. A configured peer can take advantage of this flaw to cause a denial of service (bgpd daemon not responding to any other events; BGP sessions will drop and not be reestablished; unresponsive CLI interface). https://www.quagga.net/security/Quagga-2018-1975.txt Signed-off-by: Peter Korsgaard

package/*/Config.in: fix help text check-package warnings

2017-12-18T08:22:54+00:00

This commit fixes the warnings reported by check-package on the help text of all package Config.in files, related to the formatting of the help text: should start with a tab, then 2 spaces, then at most 62 characters. The vast majority of warnings fixed were caused by too long lines. A few warnings were related to spaces being used instead of a tab to indent the help text. Signed-off-by: Thomas Petazzoni

quagga: add upstream security fix for CVE-2017-16227

2017-11-01T09:47:12+00:00

>From the advisory: http://www.openwall.com/lists/oss-security/2017/10/30/4 It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity. Signed-off-by: Peter Korsgaard Signed-off-by: Thomas Petazzoni

boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+

2017-04-01T13:16:38+00:00

We want to use SPDX identifier for license strings as much as possible. SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+. This change is done by using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\/GPL-2.0/g' Signed-off-by: Rahul Bedarkar Signed-off-by: Thomas Petazzoni

quagga: security bump to version 1.1.1

2017-02-09T13:51:09+00:00

Fixes CVE-2017-5495: Telnet interface input buffer allocates unbounded amounts of memory, leading to DoS. Add optional dependency on protobuf-c. Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard

quagga: fix typo s/BPG/BGP/

2016-11-25T20:55:03+00:00

Fixes bug #9431. Reported-by: xichaoli Signed-off-by: Thomas Petazzoni