FRRouting官网安全更新（2023-12-08）

安全更新

We are pleased to announce FRR release 9.0.2.<br/><br/>Debian Packages - https://deb.frrouting.org<br/><br/>RPM Packages - https://rpm.frrouting.org<br/><br/>Snaps - https://snapcraft.io/frr<br/><br/>Docker - [quay.io/frrouting/frr:9.0.2](https://quay.io/repository/frrouting/frr/manifest/sha256:086acb1278fe86118345f456a1fbfafb80c34d03f7bca9137da0729a1aee5e9c)<br/><br/>## Fixed CVE-2023-47235<br/><br/>More details: https://frrouting.org/security/cve-2023-47235<br/><br/>## Bug Fixes<br/><br/>bgpd<br/>* Fix aggregate-address summary-only suppressed export to EVPN<br/>* Allow using attribute number 255 for path attr discard/withdraw cmds<br/>* Check mandatory attributes more carefully for the UPDATE message<br/>* Do not suppress conditional advertisement updates if triggered<br/>* Fix Extended community memory leak<br/>* Fix the `no set as-path prepend` command<br/>* Fix heap-use-after-free for `bgp_best_selection()`<br/>* Fix crash in SNMP BGP4V2-MIB `bgpv2PeerErrorsTable()`<br/>* Fix `clear bgp ipv6 unicast ...` command<br/>* Flush attributes only if we don&amp;#039;t have to announce a conditional route (avoid use-after-free)<br/>* Free memory for SRv6 functions and locator chunks<br/>* Handle MP_UNREACH_NLRI malformed packets with session reset<br/>* Ignore handling NLRIs if we received the MP_UNREACH_NLRI attribute<br/>* Initialise `timebuf` arrays to zeros for dampening reuse timer<br/>* Initialise buffer in `bgp_notify_admin_message()` before using it<br/>* LTTng add EVPN route trace events<br/>* Make sure dampening is enabled for the specified AFI/SAFI<br/>* Use proper AFI when dumping information for dampening stuff<br/>* Treat the AS4-PATH attribute as withdrawn if malformed<br/>* Treat PMSI tunnel attribute as withdrawn if malformed<br/>* Treat EOR as withdrawn to avoid unwanted handling of malformed attrs<br/><br/>eigrpd<br/>* Use the correct memory pool on interface deletion<br/><br/>mgmtd<br/>* Change mgmtd_vty_port to 2623<br/>* Fix crash on `show mgmtd datastore-contents`<br/><br/>ospf6d<br/>* Fix setting of the forwarding address in as-external LSAs<br/>* Set loopback interface cost to 0<br/><br/>ospfd<br/>* Fixing infinite loop when listing OSPF interfaces<br/><br/>pathd<br/>* Add `no msd` command<br/>* Add `no pcep` command<br/><br/>pbrd<br/>* Fix `show pbr map detail json` command<br/>* Free memory in `pbr_map_delete()`<br/><br/>pim6d<br/>* Fix valgrind issues<br/><br/>pimd<br/>* Fix missing pimreg interface<br/><br/>tools<br/>* Fix the `frr-reload` interface description command<br/>* Fix the `frr-reload` route-map description command<br/>* Make `--quiet` actually suppress output<br/><br/>vtysh<br/>* Fix entering configuration node in file-lock mode<br/>* Fix `configure terminal` argument descriptions<br/>* Fix working in file-lock mode<br/>* Fix `show route map json` output<br/><br/>zebra<br/>* Add `encap` type when building packet for FPM<br/>* Display `ptmStatus` order in interface JSON<br/>* Fix connected route deletion when multiple entry exists<br/>* Fix FPM multipath `encap` addition<br/>* Fix link update for veth interfaces<br/>* Fix zebra crash when replacing `nhe` during shutdown<br/>* Prevent null pointer dereference

FRRouting（FRR）是用于Linux和Unix平台的IP路由协议套件，其中包括BGP，IS-IS，LDP，OSPF，PIM和RIP的协议守护程序。

<p><a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47235">CVE-2023-47235</a></p>

暂无

暂无

https://github.com/FRRouting/frr/releases/tag/frr-9.0.2