commit frr for openSUSE:Factory

Fri, 08 May 2026 07:48:59 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package frr for openSUSE:Factory checked in 
at 2026-05-08 16:48:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/frr (Old)
 and      /work/SRC/openSUSE:Factory/.frr.new.1966 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "frr"

Fri May  8 16:48:12 2026 rev:46 rq:1351832 version:10.6.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/frr/frr.changes  2026-04-28 13:22:34.523212515 
+0200
+++ /work/SRC/openSUSE:Factory/.frr.new.1966/frr.changes        2026-05-08 
16:48:32.365066941 +0200
@@ -1,0 +2,16 @@
+Fri May  8 07:59:01 UTC 2026 - Marius Tomaschewski <[email protected]>
+
+- Update to frr-10.6.1 (https://frrouting.org/release/10.6.1/)
+  providing several bug fixes. Already the previous update to
+  frr-10.6.0 includes security fixes for the following Denial
+  of Service (DoS) vulnerabilities:
+  - ospfd: harden TE/SR TLV iteration against malformed lengths
+    (bsc#1263859,CVE-2026-28532,gh#FRRouting/frr#21002)
+  - bgpd: fix off-by-one error in FlowSpec operator array bounds check
+    (bsc#1263863,CVE-2026-37457,gh#FRRouting/frr#21054)
+  - bgpd: Validate MP_REACH_NLRI attribute against incorrect next-hop
+    (bsc#1263974,CVE-2026-37458,gh#FRRouting/frr#21075)
+  - bgpd: Check if the NHC length is enough to fill TLV value + TLV header
+    (bsc#1264051,CVE-2026-37459,gh#FRRouting/frr#21074)
+
+-------------------------------------------------------------------

Old:
----
  frr-10.6.0.tar.gz

New:
----
  frr-10.6.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ frr.spec ++++++
--- /var/tmp/diff_new_pack.fsKjTq/_old  2026-05-08 16:48:32.977092303 +0200
+++ /var/tmp/diff_new_pack.fsKjTq/_new  2026-05-08 16:48:32.981092469 +0200
@@ -38,7 +38,7 @@
 %define frr_daemondir %{_prefix}/lib/%{name}
 
 Name:           frr
-Version:        10.6.0
+Version:        10.6.1
 Release:        0
 Summary:        The FRRouting Protocol Suite
 License:        GPL-2.0-or-later AND LGPL-2.1-or-later

++++++ frr-10.6.0.tar.gz -> frr-10.6.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/frr/frr-10.6.0.tar.gz 
/work/SRC/openSUSE:Factory/.frr.new.1966/frr-10.6.1.tar.gz differ: char 13, 
line 1

Reply via email to