home

Release notes

Getting startedOverviewArchitectureSupported platformsRelease notesWhite papers
Getting startedOverviewArchitectureSupported platformsRelease notesWhite papers

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Show On this page:

Show Page Sections

thumbnailRelease notes

VNOS release notes 2012

Patch release notes 2012k

Vyatta NOS patch release notes 2012k.

Released June 21, 2022

Issues resolved

Issues resolved in release 2012k.

Issue number

Priority

Summary

VRVDR-56336

Blocker

Power-cycling or reboot hardware intermittently results in disk boot corruption so that SIAD is a grub prompt unable to boot

VRVDR-58161

Blocker

QinQ: The cli prompt does not return after deleting the vif config from the dataplane interface

VRVDR-57146

Critical

QinQ: config prompt does not return after deleting the vif from the dataplane interface, hence QinQ scripts are failing

VRVDR-56916

Critical

Installer errors and fails to install image on upgrade of Flexware box from 1903

VRVDR-56702

Critical

add system image for Kington fails when base image is 1912p, works fine from 1903m base

VRVDR-57467

Critical

Banner with newline prevents loading configuration after upgrade from 1903j to 1908n

VRVDR-57849

Major

vyatta-vrrp crashes on boot if vrrp group is disabled

VRVDR-57814

Major

Crash of IKE control-plane during shutdown or VRRP backup-transition

VRVDR-57797

Major

IPsec: Crypto device limit causing tunnel setup failure

VRVDR-57778

Major

Vyatta configuration lost after reboot with vrrp vrrp-group <x> hello-source-address <x.x.x.x> command

VRVDR-57760

Minor

SYN-SENT no longer displayed in journal/logs up on upgrade from 1801zf to 1912q

Security vulnerabilities resolved

Security vulnerabilities resolved in 2012k.

Issue number

CVSS score

Advisory

Summary

VRVDR-57991

9.8

DSA-5140-1

CVE-2022-29155: Debian DSA-5140-1 : openldap - security update

VRVDR-57926

9.8

DSA-5139-1

CVE-2022-1292: Debian DSA-5139-1 : openssl - security update

VRVDR-57734

9.8

DSA-5130-1

CVE-2021-3839, CVE-2022-0669: Debian DSA-5130-1 : dpdk - security update

VRVDR-58044

9.1

DSA-5147-1

CVE-2022-1664: Debian DSA-5147-1 : dpkg - security update

VRVDR-57161

8.8

DSA-5092-1

CVE-2021-43976, CVE-2022-0330, CVE-2022-0435, CVE-2022-0516, CVE-2022-0847, CVE-2022-22942, CVE-2022-24448, CVE-2022-24959, CVE-2022-25258, CVE-2022-25375: Debian DSA-5092-1: linux – security update

VRVDR-57692

7.8

DSA-5127-1

CVE-2021-4197, CVE-2022-0168, CVE-2022-1016, CVE-2022-1048, CVE-2022-1158, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1516, CVE-2022-26490, CVE-2022-27666, CVE-2022-28356, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390, CVE-2022-29582: Debian DSA-5127-1: linux – security update

VRVDR-57189

7.8

DSA-5095-1

CVE-2020-36310, CVE-2022-0001, CVE-2022-0002, CVE-2022-0487, CVE-2022-0492, CVE-2022-0617, CVE-2022-25636: Debian DSA-5095-1: linux – security update

VRVDR-58014

6.5

DSA-5142-1

CVE-2022-29824: Debian DSA-5142-1 : libxml2 - security update

AES-NI capable CPU is mandatory for IPsec using AES-GCM or AES-CBC

The AES-NI instruction set in the CPU must be enabled when using IPsec with AES-GCM or AES-CBC. Depending on the platform, AES-NI must be enabled in UEFI/BIOS, or in the hypervisor when using a virtual machine.

Consult the UEFI/BIOS configuration manual of your platform vendor to learn how to enable the AES-NI processor/CPU feature.

Last updated: July 25, 2022