Defects
The defects that have been resolved in this release are detailed in this section.
Security vulnerabilities
Security issues have been resolved in this release.
| Key | Summary |
|---|---|
| openssl - security update (VRVDR-47573) | CVE-2019-1543: Debian DSA-4475-1 |
| linux - security update (4.19 kernels) (VRVDR-47325) | CVE-2019-3846, CVE-2019-5489, CVE-2019-9500, CVE-2019-9503, CVE-2019-10126, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11486, CVE-2019-11599, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884 |
Resolved issues
Customer issues have been resolved in this release.
| Component | Key | Summary |
|---|---|---|
| GUI | VRVDR-47606 |
Configuring service https listen-address bypasses the
TLSv1.2 enforcement |
| Kernel, NTP | VRVDR-47506 | ntpq segfault in ld-2.24.so |
| NAT | VRVDR-46941 | Traffic that has SNAT session is filtered using stateless ZBF on return |
| Routing infrastructure | VRVDR-46422 | Routing-instance does not signal to user about name-length restrictions |
| VRRP | VRVDR-46029 | VRRP authentication either with simple text password or AH type does not work properly |
| Connsync, Dataplane | VRVDR-45748 | Missing checks for zmsg_popstr returning a NULL pointer causing connsync to crash dataplane |
| Support Infrastructure | VRVDR-45740 | generate tech-support archive should not aggregate all existing archives |
| VRRP | VRVDR-45720 | VRRP gets stuck waiting for a packet when start_delay used with only a single router |
| Dataplane | VRVDR-45565 | Output h/w queue drops incrementing after upgrading from 5400 to 5600 1801u |
Known issues
The known issues in this release have been identified.
| Component | Key | Summary |
|---|---|---|
| Bridging | VRVDR-47871 | Permission denied error when attempting to clear bridge interface counters |
| VRRP | VRVDR-47863 | VRRPv3 VRF IPv6 IPAO: Reconfig of LL vip results in MASTER/MASTER scenario |
| GRE | VRVDR-47858 | GRE: RTNETLINK answers: No such file or directory on trying to delete tunnel |
| System | VRVDR-47828 | Observing the core file while running the Rollback regression |
| Switch - Broadcom | VRVDR-47814 | system ip gratuitous-arp not setting policy |
| SNMP | VRVDR-47729 | Qumran AX whitebox fails to send coldStart trap on system reboot |
| Interfaces | VRVDR-47646 | Failed to process returned data: invalid character 'U' looking for beginning of value at /opt/vyatta/share/perl5/Vyatta/Configd.pm line 208 |
| Logging | VRVDR-41129 | Journal can't export logs to destination in routing instance |
| QoS | VRVDR-47934 | When a QoS policy is configured with a simple class match (one not involving an action-group) the "show policy qos <if-name> class" command displays no output |