quagga: security bump to version 1.0.20160309

Fixes CVE-2016-2342 (AKA VU#270232): Quagga bgpd with BGP peers enabled for
VPNv4 contains a buffer overflow vulnerability.

Remove the --enable-babeld and --enable-opaque-lsa configure options that were
removed in this release.

See the release announcement at
https://lists.quagga.net/pipermail/quagga-dev/2016-March/014938.html.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/quagga/Config.in b/package/quagga/Config.in
index 89ff6f25df16dbbfc23ca13e9a508dcb044fae06..56b8cad93c6233f73a8af18a4d15d9d5f36365d7 100644 (file)
--- a/package/quagga/Config.in
+++ b/package/quagga/Config.in
@@ -24,11 +24,6 @@ config BR2_PACKAGE_QUAGGA_TCP_ZEBRA
          You'll want this enabled if zebra and the protocol daemon(s) run
          on different hosts.
 
-config BR2_PACKAGE_QUAGGA_BABELD
-       bool "BABEL protocol"
-       help
-         Build babeld daemon.
-
 config BR2_PACKAGE_QUAGGA_BGPD
        bool "BPGv4+ protocol"
        help
@@ -48,10 +43,6 @@ config BR2_PACKAGE_QUAGGA_OSPFD
        help
          Build ospfd daemon.
 
-config BR2_PACKAGE_QUAGGA_OPAQUE_LSA
-       bool "OSPF Opaque-LSA with OSPFAPI support (RFC2370)"
-       depends on BR2_PACKAGE_QUAGGA_OSPFD
-
 config BR2_PACKAGE_QUAGGA_OSPF6D
        bool "OSPFv3 (IPv6) protocol"
        help

diff --git a/package/quagga/quagga.hash b/package/quagga/quagga.hash
index ba293c414d387ee3532c6b1ba5b0605e446f401b..fdc7472d7506d8cbf5d490405c400748aad634fa 100644 (file)
--- a/package/quagga/quagga.hash
+++ b/package/quagga/quagga.hash
@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256 6fd6baadb136a801c29c1dd72d0fe69da9f19ae498e87bff7057778361e43b14        quagga-0.99.24.1.tar.xz
+sha256 034e21f87164f44f1c4c89d8fafed4acede298fe3fafbf9277f079544178c66b        quagga-1.0.20160309.tar.xz

diff --git a/package/quagga/quagga.mk b/package/quagga/quagga.mk
index 4a5559401c0548143838eb55b3fae689b3296f31..93c01f9c37f4c3db91a5ddd0f5ae011d2cbfa858 100644 (file)
--- a/package/quagga/quagga.mk
+++ b/package/quagga/quagga.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-QUAGGA_VERSION = 0.99.24.1
+QUAGGA_VERSION = 1.0.20160309
 QUAGGA_SOURCE = quagga-$(QUAGGA_VERSION).tar.xz
 QUAGGA_SITE = http://download.savannah.gnu.org/releases/quagga
 QUAGGA_DEPENDENCIES = host-gawk
@@ -22,7 +22,6 @@ QUAGGA_CONF_OPTS += --disable-capabilities
 endif
 
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_ZEBRA),--enable-zebra,--disable-zebra)
-QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_BABELD),--enable-babeld,--disable-babeld)
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_BGPD),--enable-bgpd,--disable-bgpd)
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_RIPD),--enable-ripd,--disable-ripd)
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_RIPNGD),--enable-ripngd,--disable-ripngd)
@@ -33,7 +32,6 @@ QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_WATCHQUAGGA),--enable-watchquagga,
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_ISISD),--enable-isisd,--disable-isisd)
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_BGP_ANNOUNCE),--enable-bgp-announce,--disable-bgp-announce)
 QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_TCP_ZERBRA),--enable-tcp-zebra,--disable-tcp-zebra)
-QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_OPAQUE_LSA),--enable-opaque-lsa,--disable-opaque-lsa)
 
 ifeq ($(BR2_PACKAGE_QUAGGA_SNMP),y)
 QUAGGA_CONF_ENV += ac_cv_path_NETSNMP_CONFIG=$(STAGING_DIR)/usr/bin/net-snmp-config