-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-b05ce2af28 2024-03-12 01:57:52.475243 -------------------------------------------------------------------------------- Name : rpki-client Product : Fedora 39 Version : 9.0 Release : 1.fc39 URL : https://www.rpki-client.org/ Summary : OpenBSD RPKI validator to support BGP Origin Validation Description : The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisations (ROAs) and finally outputs Validated ROA Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and also as CSV or JSON objects for consumption by other routing stacks. -------------------------------------------------------------------------------- Update Information: rpki-client 9.0 Added support for RPKI Signed Prefix Lists Signed Prefix Lists carry the complete list of prefixes which an Autonomous System may originate its routing peers. The validation of a Signed Prefix List confirms that the holder of the listed ASN produced the object. This list is a current, accurate and complete description of address prefixes that may be announced into the routing system originated by this AS. https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-prefixlist Signed prefix lists are only parsed in filemode or if rpki-client is run with the new -x flag. Added an -x flag to opt into parsing and evaluation of file types that are still considered experimental. At this point in time this covers the signed prefix lists. Added a metric to track the number of new files that were moved to the validated cache. In the OpenMetrics output, per-repository counters are shown. The main process and the JSON output only show the total. Per the announcement in the last release, the stale manifest counters were removed from the OpenMetrics and the JSON output. Ensure that the FileAndHashes list in a Manifest contains no duplicate file names and no duplicate hashes. Various refactoring work, notably to reduce the warning spam generated by OpenSSL 3's deprecations and to remove unergonomic internal structs. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 3 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 9.0-1 - Upgrade to 9.0 (#2267565) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2267565 - rpki-client-9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2267565 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b05ce2af28' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue