There is memory leak in bgp daemon. Please add patch to quagga. Reproducible: Always
Diego, please remove vulnerable version from the tree. TIA.
Uhm Ago, this seems to be unrelated? But yeah will remove them. Marcin, can you tell me whether it's present in .20 as well?
Diego, memory leak appears in .20, we've got two situations when OOM kill bgp daemon after quagga update. Then we find email on list and patch. So "remove vulnerable version" it's ok if: a) "vulnerable" means <.20 and b) memory leak will be fixed in .20 :)
Suplement, version .19 is also affected: http://lists.quagga.net/pipermail/quagga-users/2011-October/012534.html
I don't care about .19 or anything < .20 ... but I'm not sure if quagga upstream fixed the issue in .20, and since I don't use BGP myself it is a bit difficult to be sure of it :|
.20 _is_ affected.
(In reply to comment #2) > Uhm Ago, this seems to be unrelated? But yeah will remove them. Yep, just a reminder, but you can remove all old ebuilds after stabilization of new .20-r1. After consulting, this bug becomes a security bug.
I've fixed this in .20-r1, sorry for the delay. I've also added a new init script so please check if it works fine for you.
(In reply to comment #8) > I've fixed this in .20-r1, sorry for the delay. > > I've also added a new init script so please check if it works fine for you. Great, thank you (and no problem). Arches, please test and mark stable *noting* Diego's request above: =net-misc/quagga-0.99.20-r1 Target keywords : "alpha amd64 arm hppa ppc s390 sparc x86"
amd64: ok, not knowing what init script would be old and which new, I consulted the Changelog hot off the press from a sync. "take the chance to merge the two init scripts, so that zebra is the only real script, and the rest are actually symlinks." testuser@archtester ~/RCS $ qlist quagga | grep /etc/init.d /etc/init.d/zebra /etc/init.d/ripd /etc/init.d/ospfd /etc/init.d/bgpd /etc/init.d/ripngd /etc/init.d/ospf6d testuser@archtester ~/RCS $ file /etc/init.d/ripd /etc/init.d/ripd: a /sbin/runscript script, ASCII text executable testuser@archtester ~/RCS $ file /etc/init.d/ospfd /etc/init.d/ospfd: symbolic link to `ripd' testuser@archtester ~/RCS $ file /etc/init.d/zebra /etc/init.d/zebra: a /sbin/runscript script, ASCII text executable testuser@archtester ~/RCS $ file /etc/init.d/bgpd /etc/init.d/bgpd: symbolic link to `ripd' testuser@archtester ~/RCS $ file /etc/init.d/ripngd /etc/init.d/ripngd: symbolic link to `ripd' testuser@archtester ~/RCS $ file /etc/init.d/ospf6d /etc/init.d/ospf6d: symbolic link to `ripd' Cal me pedantic, but the description does not match. Technically /etc/init.d/ripd warrants a bug filing since it's not a symlink. Be understanding of my reluctance and preference to await your opinion. archtester xen-tools # /etc/init.d/zebra start * Cleaning up stale zebra routes... ... [ ok ] * Starting zebra ... [ ok ] archtester xen-tools # /etc/init.d/zebra stop * Stopping zebra ... Testing of the remainder just requires making a copy of the conf files from /usr/share/doc/quagga-0.99.20/samples/. Is it required?
amd64: emerge pass.
x86 stable
Stable for HPPA.
amd64 done. Thanks Elijah and Ian
arm stable
This is not a security issue, as there is no way to trigger this, rather the leak occurs right after starting quagga.
alpha/s390/sparc stable
ppc stable, removing last arch.
was not security issue
