Fedora 34 Advisory: 2021-335bf19f5d Moderate: rpki-client Enhancements
fedora
November 7, 2021
rpki-client 7.4 Public Keys
Summary
The OpenBSD rpki-client is a free, easy-to-use implementation of the
Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to
facilitate validation of the Route Origin of a BGP announcement. The
program queries the RPKI repository system, downloads and validates
Route Origin Authorisations (ROAs) and finally outputs Validated ROA
Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and
also as CSV or JSON objects for consumption by other routing stacks.
rpki-client 7.4 =============== * Added support for validating BGPsec Router
Public Keys. * Fix issues with chunked transfer encoding in the RRDP HTTP
client. * Cleanup and improvement of how IO is handled. * Improvements in
the way X509 certificates are verified. * Make rpki-client more resilient
regarding untrusted input: - Limit the allowed character set for filename
listings on Manifests. - Limit the length of SIA URIs. - Limit the size
of certain untrusted inputs. - Don't exit on failures to parse x509 objects.
- Limit the size of objects retreived via RRDP or RSYNC. - Limit the number
of FileAndHash entries on a manifest. - Constrain RRDP such that the
delta/snapshot files must be hosted at the same host as the notification file.
* Sat Oct 30 2021 Robert Scheck
- Upgrade to 7.4 (#2018729)
[ 1 ] Bug #2018729 - rpki-client-7.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2018729
su -c 'dnf upgrade --advisory FEDORA-2021-335bf19f5d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Change Log
References
Update Instructions
PREVIOUS
NEXT
Product: Fedora 34
Version: 7.4
Release: 1.fc34
Summary: RPKI validator to support BGP Origin Validation
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!