Quagga upstream has released 0.99.9; could we have an ebuild for this please? There is a fix for a low-impact DoS (crash on malformed community with debug set).
The main problem to this bump is the AS4 patch. Seems to be some differences of opinion between patch creator (Juergen Kammer) and quagga developer (Paul Jakma). I contacted the patch author and I will contact quagga dev for clarifying the status of AS4 support.
I've just received the response from patch creator. He is busy atm and apparently porting the old patch to the new quagga version is not an easy job. It will take some time (probably a couple of weeks) till a new patch will be created.
Please see the security related fixes http://www.quagga.net/news2.php?y=2007&m=9&d=7#id1189190760
Security problems are fixed in 0.99.7-r1 (see bug 192096).
Thanks to Juergen Kammer's as4-v09.patch, quagga-0.99.9 is now in the tree. Changes: - add caps USE flag Warnings: - as4 patch wasn't tested enough. Quote from http://quagga.ncc.eurodata.de : "Be aware that there have been some changes in the internal quagga structures between 20070430 (which v07 was based on) and 20070909, and v09 is basically untested for now, so be careful, test it, and please send feedback if it runs as smoothly as the other versions did. Of course, v09 survived my small testbed ;-)." - realms patch update wasn't smooth. I think I managed to adapt it, but I don't have a real test environment because I don't use realms. However, running zebra+bgpd patched with quagga-0.99.9-realms.diff appears to work as it (in my test I didn't set any realm). Word of advice... Test it before deploying on production boxes.
I've tested realms patch on my amd64 router and it seems to work properly. Also, my quagga is installed with bgpas4 enabled although I'm not seeing any AS4 on "vtysh -e 'sh ip bgp' | egrep '([6-9][0-9]{4,})|([0-9]{6,})'" command's output.
