github FRRouting/frr frr-10.5.4
FRR Release 10.5.4
on GitHub

latest release: frr-10.6.1
7 hours ago

Debian Packages - https://deb.frrouting.org/
RPM Packages - https://rpm.frrouting.org/
Docker - quay.io/frrouting/frr

What's Changed

  • pimd: When address change ensure DR changes too. (backport #20881)
  • lib/typesafe: guard skiplist level generation against ctz(0) UB (backport #20899)
  • bgpd: fix memory leak in cluster_intern() (backport #20913)
  • doc: add some text regarding libyang versions (backport #20862)
  • eigrpd: handle the gr neighbor list safely in update_receive (backport #20933)
  • nhrpd: fix packet and buffer handling errors (backport #20932)
  • bgpd: Fix test for OPEN message with remote-as auto (backport #20963)
  • bgpd: Add missing PEER_FLAG_SEND_NHC_ATTRIBUTE for update group flags (backport)
  • bgpd: check more during flowspec nlri parsing (backport #19909)
  • bgpd: Fix condition when evaluating paths (backport #20975)
  • ospfd: harden TE/SR TLV iteration against malformed lengths (backport #21002)
  • bfdd: Fix wrong memory free when using ttable code (backport #21020)
  • bgpd: fix off-by-one error in FlowSpec operator array bounds check (backport #21054)
  • lib: fix zclient crash when many peers reconnect after FRR restart (backport #21056)
  • lib: fix vty_is_closed() falsely reporting VTY_SHELL as closed (backport #21082)
  • bgpd: Check if the NHC length is enough to fill TLV value + TLV header (backport #21074)
  • ospfd: fix sequence number check, avoid truncation ambiguity (backport #21096)
  • nhrpd: Correct addrlen check in os_recvmsg() (backport #21100)
  • ldpd: improve tlv validation in several places (backport #21118)
  • PIM message-handling code fixes (backport #21093)
  • lib: disable warning in zlog.c to match master
  • bgpd: fix some packet-parsing issues (10.5 version)
  • bgpd: Return 0 if AS4 capability is malformed (backport #21112)
  • isisd: fix edge condition in max_lsp_count computation (backport #21159)
  • bgpd: Prevent heap use-after-free for tunnel encapsulation attribute (backport #21176)
  • isisd: fix memory leak in remove_excess_adjs() (backport #21183)
  • isisd: Fix missing neighbor address Sub-TLVs after link-params change (backport #21204)
  • bgpd: improve packet parsing for EVPN and ENCAP/VNC (backport #21098)
  • nhrpd: harden against malformed packets (backport #21097)
  • ripngd: fix data handling in several places (10.5 backport)
  • bgpd: Recent bugs for 10.5
  • vrrrpd: improve error handling in several paths (backport #21251)
  • bgpd: fix NHT for explicit link-local BGP peers (backport)
  • bgpd: flowspec foobar hardening (backport #21308)
  • bgpd: fix import vrf on non existing vrf (backport)
  • ospf6d: improve/harden packet processing (backport #21277)
  • bfdd: harden packet validation and reflector handling (backport #21105) (backport #21255)
  • pceplib: validate during of_list TLV decoding (backport #21310)
  • pimd: fix crash due to double free (backport #21354)
  • eigrpd: improve validation and error-handling in tlv parsing (backport #21316 to 10.5)
  • bgpd: Revalidate locally originated routes against RPKI changes (backport #21302)
  • bgpd: hardening backports 10.5
  • bgpd: Move rpki strict check to bgp_accept() (backport #21328)
  • bgpd: Do not allocate stream if route-refresh capability is not received (backport #21394)
  • bgpd: Check dynamic capability action before validating ENHE capability (backport #21395)
  • pimd: guard channel OIL detach against stale pointers (backport #21431)
  • isisd: improve validation of flex-algo decoder (backport)
  • ospfd: add validation in several places before accessing message bodies (backport #21303)
  • pimd: fix NOCACHE MFC resync detection log, add vrf name too (backport #21481)
  • bgpd: Fix mixed remote-as for peer-groups when using auto (backport #21406)
  • bgpd: Don't mark nexthop as changed if a set next-hop unchanged is applied (backport #21445)
  • ospfd: add LSA validation in the apiserver path (backport #21536)
  • eigrpd: enforce minimum TLV length in Hello handler (backport #21543)
  • eigrpd: reject invalid prefix mask len (backport #21539)
  • isisd: use correct min size values for srv6 subtlvs (backport #21540)
  • eigrpd: Handling for malformed update packets (10.5 version)
  • bgpd: fix neighbor IP comparison for IPv6 memcmp return values (backport #21559)
  • eigrpd: fix byte order in Hello authentication decode (backport #21545)
  • bgp_evpn: fix memleak when configuring rd (backport #21566)
  • lib: Report IPv6 MTU and not IPv4 for if_update_state_mtu6 (backport #21501)
  • bgpd: Dynamic capability parsing fixes (backport #21603)
  • isisd: consume leftover bytes after FAD sub-sub-TLV loop (backport #21544)
  • nhrpd: stop debugging auth credentials (backport #21615)
  • bgpd: honor 'no activate' for dynamic neighbors in peer-group (backport #21658)
  • bgpd: migrate timers during peer_xfer_conn to fix stale route cleanup (backport #21558)
  • isisd: Reject SRv6 Locator TLV with Loc-Size of zero (backport #21641)
  • bgpd: Validate if NHC BGPID TLV value is non-zero (backport #21611)
  • bgpd: Check if BGPID NHC TLV exists when IPv6 next-hop is link-local (backport #21377, #21605, #21611)
  • bgpd: Do not allocate NHC TLV with an extra trailer (backport #21606)

Full Changelog: frr-10.5.2...frr-10.5.4

Check out latest releases or
releases around FRRouting/frr frr-10.5.4

Don't miss a new frr release

NewReleases is sending notifications on new releases.

Get notifications