-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-ccff525968 2024-10-01 20:07:20.513674 -------------------------------------------------------------------------------- Name : rpki-client Product : Fedora 40 Version : 9.3 Release : 1.fc40 URL : https://www.rpki-client.org/ Summary : OpenBSD RPKI validator to support BGP Origin Validation Description : The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisations (ROAs) and finally outputs Validated ROA Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and also as CSV or JSON objects for consumption by other routing stacks. -------------------------------------------------------------------------------- Update Information: rpki-client 9.3 Avoid a quadratic complexity issue in ibuf_realloc() due to misuse of recallocarray(). Transferring a manifest with a large FileAndHash list across a privsep boundary could cost significant resources. RRDP sessions are periodically reinitialized to snapshot at random intervals. RRDP deltas and snapshots can diverge content-wise over time, leaving stale files in the cache. Reinitialization is triggered at random with increasing probability with increasing snapshot age, at least once every three months. this helps garbage collection. The internal state file format changed. The first run after an upgrade may produce harmless warning messages about invalid last_reset. Signed Prefix List statistics are now only emitted when rpki-client is run with -x. This changes the JSON output: without -x some keys are missing from 'metadata'. The -r command line option formerly enabling RRDP has long been the default and is now removed. The CRL number extension in CRLs is checked to be in the range [0..2^159-1] and otherwise the CRL is considered invalid, see https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-crl-numbers -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 22 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 9.3-1 - Upgrade to 9.3 (#2314116) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2314116 - rpki-client-9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2314116 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ccff525968' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
