-
quagga (1.2.4-4) unstable; urgency=medium
* Fix build depends (Closes: #932976)
-- Brett Parker <email address hidden> Fri, 02 Aug 2019 08:36:29 +0100
-
quagga (1.2.4-3) unstable; urgency=medium
[ Ondřej Nový ]
* d/copyright: Use https protocol in Format field
* d/changelog: Remove trailing whitespaces
[ Brett Parker ]
* d/control: remove build dep on libpcre3-dev (Closes: #920310)
-- Brett Parker <email address hidden> Sat, 26 Jan 2019 10:32:12 +0000
-
quagga (1.2.4-2) unstable; urgency=low
* Correct previous changelog entry for CVE numbers
* Re-enable building of watchquagga
* Re-instate sysvinit scripts (Closes: #849011, #865874)
-- Brett Parker <email address hidden> Sat, 31 Mar 2018 14:36:08 +0100
-
quagga (1.2.4-1) unstable; urgency=medium
* New maintainer (Closes: #884919)
* New upstream release (Closes: #890563)
- Fixes CVE-2018-5278
- Fixes CVE-2018-5279
- Fixes CVE-2018-5280
- Fixes CVE-2018-5281
-- Brett Parker <email address hidden> Sat, 17 Mar 2018 15:33:00 +0000
-
quagga (1.2.2-1) unstable; urgency=medium
* New upstream release (Closes: #879474, #857187).
* Rework patches to apply against new upstream version.
* Change zebra daemon GID to allow writing to /run/quagga (Closes: #880522).
* Change group permissions on Quagga.conf (Closes: #847106).
* Add missing build-dep on libc-ares-dev.
* Add patch for documentation fixes (Closes: #879971).
-- Scott Leggett <email address hidden> Sun, 05 Nov 2017 22:11:44 +1100
-
quagga (1.1.1-3) unstable; urgency=medium
* Fix upgrade file conflict with old quagga packages (Closes: #859581).
-- Scott Leggett <email address hidden> Wed, 05 Apr 2017 21:41:14 +1000
-
quagga (1.1.1-2) unstable; urgency=medium
* Remove libquagga0 and libquagga-dev binary packages (Closes: #856936).
- Move shared objects into quagga-core, as they are currently intended
by upstream to be private.
- Avoid shipping headers and static libraries at all.
- Upstream plans to ship with a stable API/ABI in future, and these
changes will be reviewed then.
-- Scott Leggett <email address hidden> Sun, 26 Mar 2017 23:04:32 +1100
-
quagga (1.1.1-1) unstable; urgency=low
* SECURITY:
- New upstream bugfix release, fixes CVE-2017-5495 (Closes: #852454).
* Remove patch disabling debug print statements; fixed upstream.
* Update libquagga0.symbols for libzebra SONAME bump.
-- Scott Leggett <email address hidden> Fri, 27 Jan 2017 10:48:50 +1100
-
quagga (1.1.0-3) unstable; urgency=low
* Update .service file patch (Closes: #849953).
-- Scott Leggett <email address hidden> Tue, 03 Jan 2017 22:07:12 +0800
-
quagga (1.1.0-2) unstable; urgency=low
* Fix autopkgtests.
* Check for existing dpkg-statoverride on /etc/quagga (Closes: #847355).
-- Scott Leggett <email address hidden> Fri, 09 Dec 2016 22:56:55 +1100
-
quagga (1.1.0-1) unstable; urgency=low
* New upstream release (Closes: #774760, #516226, #830515)
* Import packaging from the last debian release 1.0.20160315-3.
* Remove dump_fix.patch applied upstream.
* Remove patch which is no longer relevant.
* Remove patch for CVE-2016-1245 fixed upstream.
* Rely on automatic -dbgsym package rather than deprecated -dbg.
* Remove deprecated XS-testsuite header in debian/control.
* Remove template comment from debian/watch.
* Add patch to fix spelling and grammar errors.
* Register quagga-doc with doc-base.
* Add patch to fix ospfclient(8) manpage numbering.
* Added patch to avoid debug print statements on vtysh startup.
* Adopt package, set myself as maintainer (Closes: #836418).
* Add quagga user to quaggavty group in preinst.
* Drop patch for Debian pager default in vtysh (Closes: #788243).
* Update debian/copyright.
* Bump compat level to 10 (Closes: #534833).
* Use systemd .service files rather than init.d scripts (Closes: #678946,
#805840, #839819, #412483).
* Split quagga package out into multiple packages (Closes: #705306).
* Remove debconf question which left packages in inconsistent state.
* Add patch for manpage versioning.
* Update README.Debian, README.Maintainer.
* Removed patch on vtysh.conf.
* Add NEWS.Debian about the major changes to the package.
-- Scott Leggett <email address hidden> Mon, 21 Nov 2016 21:30:12 +1100
-
quagga (1.0.20160315-3) unstable; urgency=high
* Apply patch to fix CVE-2016-1245. Closes: #841162.
-- Florian Weimer <email address hidden> Tue, 18 Oct 2016 22:06:18 +0200
-
quagga (1.0.20160315-2) unstable; urgency=high
* QA upload.
* Run wrap-and-sort.
* debian/control:
- Set QA group as maintainer, as Christian orphaned the package (see
#837358).
- Bump Standards-Version to 3.9.8.
* SECURITY:
- CVE-2016-4049: Missing size check in bgp_dump_routes_func in
bgpd/bgp_dump.c allowing DoS (Closes: #822787).
- CVE-2016-4036: World readable sensitive files in /etc/quagga
(Closes: #835223).
-- Hugo Lefeuvre <email address hidden> Sun, 11 Sep 2016 21:37:00 +0200
-
quagga (1.0.20160315-1) unstable; urgency=high
* SECURITY:
CVE-2016-2342: VPNv4 NLRI parses memcpys to stack on unchecked length
(Closes: #819179)
* New upstream release
* babeld has been removed from the Quagga upstream project.
There is a implementation available in the Debian "babeld" package.
* Removed no longer recognized configure options: --enable-ospf-te,
--enable-opaque-lsa and --enable-ipv6
* Removed configure options that are now default: --enable-pimd and
--enable-vtysh
-- Christian Brunotte <email address hidden> Wed, 30 Mar 2016 23:34:33 +0200
-
quagga (0.99.24.1-2) unstable; urgency=low
* Renamed manpage pim.8 to quagga-pim.8 as the former name is already used
by the pimd package. Closes: 780252
-- Christian Brunotte <email address hidden> Thu, 12 Mar 2015 22:37:41 +0100
-
quagga (0.99.24.1-1) unstable; urgency=low
* New upstream release
* Upstream fix for Zebra crash.
-- Christian Brunotte <email address hidden> Sun, 08 Mar 2015 02:04:18 +0100
-
quagga (0.99.23.1-1) unstable; urgency=medium
* New upstream release
* Added .png figures for info files to quagga-doc package.
* Changed dependency from iproute to iproute2 (thanks to Andreas
Henriksson). Closes: #753736
* Added texlive-fonts-recommended to build-depends to get ecrm1095 font
(thanks to Christoph Biedl). Closes: #651545
-- Christian Brunotte <email address hidden> Tue, 30 Sep 2014 00:20:12 +0200
-
quagga (0.99.23-1) unstable; urgency=low
* New upstream release
* Removed debian/patches/readline-6.3.diff which was already in upstream.
-- Christian Hammers <email address hidden> Tue, 08 Jul 2014 09:15:48 +0200
-
quagga (0.99.22.4-4) unstable; urgency=medium
* Fix build failure with readline-6.3 (thanks to Matthias Klose).
Closes: #741774
-- Christian Hammers <email address hidden> Sun, 23 Mar 2014 15:28:42 +0100
-
quagga (0.99.22.4-3) unstable; urgency=low
* Added status to init script (thanks to Peter J. Holzer). Closes: #730625
* Init script now sources /lib/lsb/init-functions.
* Switched from hardening-wrapper to dpkg-buildflags.
-- Christian Hammers <email address hidden> Wed, 01 Jan 2014 19:12:01 +0100
-
quagga (0.99.22.4-2) unstable; urgency=low
* Fixed typo in package description (thanks to Davide Prina).
Closes: #625860
* Added Italian Debconf translation (thanks to Beatrice Torracca)
Closes: #729798
-- Christian Hammers <email address hidden> Tue, 26 Nov 2013 00:47:11 +0100
-
quagga (0.99.22.4-1) unstable; urgency=high
* SECURITY:
"ospfd: CVE-2013-2236, stack overrun in apiserver
the OSPF API-server (exporting the LSDB and allowing announcement of
Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
to an exploitable stack overflow.
For this condition to occur, the following two conditions must be true:
- Quagga is configured with --enable-opaque-lsa
- ospfd is started with the "-a" command line option
If either of these does not hold, the relevant code is not executed and
the issue does not get triggered."
Closes: #726724
* New upstream release
- ospfd: protect vs. VU#229804 (malformed Router-LSA)
(Quagga is said to be non-vulnerable but still adds some protection)
-- Christian Hammers <email address hidden> Thu, 24 Oct 2013 22:58:37 +0200
-
quagga (0.99.22.1-2) unstable; urgency=low
* Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
* Added "status" command to init script (thanks to James Andrewartha).
Closes: #690013
* Added "libsnmp-dev" to Build-Deps. There not needed for the official
builds but for people who compile Quagga themselves to activate the
SNMP feature (which for licence reasons cannot be done by Debian).
Thanks to Ben Winslow). Closes: #694852
* Changed watchquagga_options to an array so that quotes can finally
be used as expected. Closes: #681088
* Fixed bug that prevented restarting only the watchquagga daemon
(thanks to Harald Kappe). Closes: #687124
-- Christian Hammers <email address hidden> Sat, 27 Jul 2013 16:06:25 +0200
-
quagga (0.99.22.1-1) unstable; urgency=low
* New upstream release
- ospfd restore nexthop IP for p2p interfaces
- ospfd: fix LSA initialization for build without opaque LSA
- ripd: correctly redistribute ifindex routes (BZ#664)
- bgpd: fix lost passwords of grouped neighbors
* Removed 91_ld_as_needed.diff as it was found in the upstream source.
-- Christian Hammers <email address hidden> Mon, 22 Apr 2013 22:21:20 +0200
-
quagga (0.99.22-1) unstable; urgency=low
* New upstream release.
- [bgpd] The semantics of default-originate route-map have changed.
The route-map is now used to advertise the default route conditionally.
The old behaviour which allowed to set attributes on the originated
default route is no longer supported.
- [bgpd] this version of bgpd implements draft-idr-error-handling. This was
added in 0.99.21 and may not be desirable. If you need a version
without this behaviour, please use 0.99.20.1. There will be a
runtime configuration switch for this in future versions.
- [isisd] is in "beta" state.
- [ospf6d] is in "alpha/experimental" state
- More changes are documented in the upstream changelog!
* debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
Martens.
* debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
in the changelog.
* debian/patches/99_distribute_list.diff removed as its in the changelog.
* debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
was just for Debian woody.
-- Christian Hammers <email address hidden> Thu, 14 Feb 2013 00:22:00 +0100
-
quagga (0.99.21-4) unstable; urgency=medium
* Fixed regression bug that caused OSPF "distribute-list" statements to be
silently ignored. The patch has already been applied upstream but there
has been no new Quagga release since then.
Thanks to Hans van Kranenburg for reporting. Closes: #697240
-- Christian Hammers <email address hidden> Sun, 06 Jan 2013 15:50:32 +0100
-
quagga (0.99.21-3) unstable; urgency=high
* SECURITY:
CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
A denial-of-service condition could be caused by an attacker controlling
one of the pre-configured BGP peers. In most cases this means, that the
attack must be originated from an adjacent network. Closes: #676510
-- Christian Hammers <email address hidden> Fri, 08 Jun 2012 01:15:32 +0200
-
quagga (0.99.21-2) unstable; urgency=low
* Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
original mapage of the babeld package which users might want to
install in parallel as it is slightly more capable. Closes: #671916
-- Christian Hammers <email address hidden> Thu, 10 May 2012 07:53:01 +0200
-
quagga (0.99.21-1) unstable; urgency=low
* New upstream release
- [bgpd] BGP multipath support has been merged
- [bgpd] SAFI (Multicast topology) support has been extended to propagate
the topology to zebra.
- [bgpd] AS path limit functionality has been removed
- [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
protocol has been merged.
- [isisd] a major overhaul has been picked up. Please note that isisd is
STILL NOT SUITABLE FOR PRODUCTION USE.
- a lot of bugs have been fixed
* Added watchquagga daemon.
* Added DEP-3 conforming patch comments.
-- Christian Hammers <email address hidden> Sun, 06 May 2012 15:33:33 +0200
-
quagga (0.99.20.1-1) unstable; urgency=high
* SECURITY:
CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
* New upstream release. Closes: #664033
-- Christian Hammers <email address hidden> Fri, 16 Mar 2012 22:14:05 +0100
-
quagga (0.99.20-4) unstable; urgency=low
* Switch to dpkg-source 3.0 (quilt) format.
* Switch to changelog-format-1.0.
-- Christian Hammers <email address hidden> Sat, 25 Feb 2012 18:52:06 +0100
-
quagga (0.99.20-3) unstable; urgency=low
* Added --sysconfdir back to the configure options (thanks to Sven-Haegar
Koch). Closes: #645649
-- Christian Hammers <email address hidden> Tue, 18 Oct 2011 00:24:37 +0200
-
quagga (0.99.20-2) unstable; urgency=low
* Bumped standards version to 0.9.2.
* Migrated to "dh" build system.
* Added quagga-dbg package.
-- Christian Hammers <email address hidden> Fri, 14 Oct 2011 23:59:26 +0200
-
quagga (0.99.20-1) unstable; urgency=low
* New upstream release:
"The primary focus of this release is a fix of SEGV regression in ospfd,
which was introduced in 0.99.19. It also features a series of minor
improvements, including better RFC compliance in bgpd, better support
of FreeBSD and some enhancements to isisd."
* Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
-- Christian Hammers <email address hidden> Fri, 30 Sep 2011 00:59:24 +0200
-
quagga (0.99.19-1) unstable; urgency=high
* SECURITY:
"This release provides security fixes, which address assorted
vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
* New upstream release.
* Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
* Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
* Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
-- Christian Hammers <email address hidden> Tue, 27 Sep 2011 00:16:27 +0200
-
quagga (0.99.18-2) unstable; urgency=low
* Removed 90_configure_ncurses.dpatch which does not have any visible effect to the control files dependencies nor to the ldd usr/bin/vtysh output anymore. The web site with the "checklib" tool that reported warnings for superfluous dependencies in 2006 cannot be found anymore. * Removed 10_doc__Makefiles__makeinfo-force.dpatch which was only for the 'woody' release. * Added 94_gcc45_format.dpatch which contains the patches from #614459 * Added sed snipped to debian/rules to remove dependencies from all .la files as requested in http://wiki.debian.org/ReleaseGoals/LAFileRemoval * Removed --enable-tcp-md5 from ./configure call as this option has been renamed to --enable-linux24-tcp-md5 and is thus no longer needed. * Bumped standards version to 3.9.2. -- Christian Hammers <email address hidden> Wed, 27 Jul 2011 22:20:50 +0200
-
quagga (0.99.18-1) unstable; urgency=low
* SECURITY: "This release fixes 2 denial of services in bgpd, which can be remotely triggered by malformed AS-Pathlimit or Extended-Community attributes. These issues have been assigned CVE-2010-1674 and CVE-2010-1675. Support for AS-Pathlimit has been removed with this release." * Added Brazilian Portuguese debconf translation. Closes: #617735 * Changed section for quagga-doc from "doc" to "net". * Added patch to fix FTBFS with latest GCC. Closes: #614459 -- Christian Hammers <email address hidden> Tue, 22 Mar 2011 23:13:34 +0100
-
quagga (0.99.17-4) unstable; urgency=low
* Added comment to init script (thanks to Marc Haber). Closes: #599524 -- Christian Hammers <email address hidden> Thu, 13 Jan 2011 23:53:29 +0100
-
quagga (0.99.17-2) unstable; urgency=low
* Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
-- Christian Hammers <email address hidden> Sat, 18 Sep 2010 12:20:07 +0200
-
quagga (0.99.17-1) unstable; urgency=high
* SECURITY:
"This release provides two important bugfixes, which address remote crash
possibility in bgpd discovered by CROSS team.":
1. Stack buffer overflow by processing certain Route-Refresh messages
CVE-2010-2948
2. DoS (crash) while processing certain BGP update AS path messages
CVE-2010-2949
Closes: #594262
-- Christian Hammers <email address hidden> Wed, 25 Aug 2010 00:52:48 +0200
-
quagga (0.99.16-1) unstable; urgency=low
* New upstream release. Closes: #574527
* Added chrpath to debian/rules to fix rpath problems that lintian spottet.
-- Christian Hammers <email address hidden> Sun, 21 Mar 2010 17:05:40 +0100
-
quagga (0.99.15-1) unstable; urgency=low
* New upstream release
"This fixes some annoying little ospfd and ospf6d regressions, which made
0.99.14 a bit of a problem release (...) This release still contains a
regression in the "no ip address ..." command, at least on Linux.
See bug #486, which contains a workaround patch. This release should be
considered a 1.0.0 release candidate. Please test this release as widely
as possible."
* Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
Closes: #517860
* Added Russian Debconf tanslation (thanks to Yuri Kozlov).
Closes: #539464
* Removed so-version in build-dep to libreadline-dev on request of
Matthias Klose.
* Added README.source with reference to dpatch as suggested by lintian.
* Bumped standards versionto 3.8.3.
-- Christian Hammers <email address hidden> Sun, 13 Sep 2009 18:12:06 +0200
-
quagga (0.99.14-1) unstable; urgency=low
* New upstream release
"This release contains a regression fix for ospf6d, various small fixes
and some hopefully very significant bgpd stability fixes.
This release should be considered a 1.0.0 release candidate. Please test
this release as widely as possible."
* Fixes bug with premature LSA aging in ospf6d. Closes: #535030
* Fixes section number in zebra.8 manpage. Closes: #517860
-- Christian Hammers <email address hidden> Sat, 25 Jul 2009 00:40:38 +0200
-
quagga (0.99.13-2) unstable; urgency=low
* Added Japanese Debconf translation (thanks to Hideki Yamane).
Closes: #510714
* When checking for obsoleted config options in preinst, print filename
where it occures (thanks to Michael Bussmann). Closes: #339489
-- Christian Hammers <email address hidden> Sun, 19 Jul 2009 17:13:23 +0200
-
quagga (0.99.13-1) unstable; urgency=low
* New upstream release
"This release is contains a number of small fixes, for potentially
irritating issues, as well as small enhancements to vtysh and support
for linking to PCRE (a much faster regex library)."
* Added build-dep to gawk as configure required it for memtypes.awk
* Replaced build-dep to gs-gpl with ghostscript as requested by lintian
* Minor changes to copyright and control files to make lintian happy.
-- Christian Hammers <email address hidden> Wed, 24 Jun 2009 17:53:28 +0200
-
quagga (0.99.11-2) unstable; urgency=high
* Apply patch from Chris Caputo to fix AS4 crash.
* Fix FTBFS due to changed ImageMagick convert command, option -dither.
-- Florian Weimer <email address hidden> Mon, 04 May 2009 10:10:13 +0200
-
quagga (0.99.11-1) unstable; urgency=low
* New upstream release
"Most regressions in 0.99 over 0.98 are now believed to be fixed. This
release should be considered a release-candidate for a new stable series."
+ bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
+ zebra: ignore dead routes in RIB update
+ [ospfd] Default route needs to be refreshed after neighbour state change
+ [zebra:netlink] Set proto/scope on all route update messages
* Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
-- Christian Hammers <email address hidden> Thu, 09 Oct 2008 22:56:38 +0200
