Patch release notes 2204c
Release notes for Vyatta NOS 2204c, released October 20, 2022
Issues resolved
Issues resolved in release 2204c.
Issue number | Priority | Summary |
---|---|---|
VRVDR-56336 | Blocker | Power-cycling or reboot hardware intermittently results in disk boot corruption so that SIAD is a grub prompt unable to boot |
VRVDR-58582 | Blocker | OSPFv3 warning message on SIAD |
VRVDR-58534 | Blocker | WBSIAD booted up with no configuration post upgrade to 2110e |
VRVDR-58493 | Blocker | charon-systemd Cores Detected in SoftLayer System Test during VRRP Shutdown |
VRVDR-58388 | Blocker | Augment the route-map rule "continue" feature to allow the next rule option |
VRVDR-57773 | Blocker | OSPFv3 process resets |
VRVDR-56995 | Blocker | BCM PTP server non-responsive |
VRVDR-57209 | Blocker | PTP client session to the BC cannot meet the phase requirements when G8271.2 APTS impairments are applied |
VRVDR-56863 | Critical | Dataplane crashes when BFD sessions are coming up |
VRVDR-58761 | Critical | ixgbe: per queue statistical counters are broken |
VRVDR-58747 | Critical | Intermittent latency packet drop problem |
VRVDR-58703 | Critical | Receiving error when applying QOS configuration to 2110 |
VRVDR-58455 | Critical | PTP: APTS time never started if not configured on first pass |
VRVDR-58452 | Critical | "Destination port-group 'PG_BFD' does not exist" when upgrading from 1908 |
VRVDR-58370 | Critical | Hotplug fails on mlx5 interfaces after live-migration event on Azure |
VRVDR-58286 | Critical | vyatta-snmp-vrf-agent fail to register because of duplicate registration |
VRVDR-58208 | Critical | System timing remains locked to PTP when GPS and PTP fail simultaneously |
VRVDR-58069 | Critical | Traceback in gnssd /usr/lib/python3/dist-packages/common/i2clock.py possibly leading to crash |
VRVDR-57976 | Critical | Azure: VM startup shows "AttributeError: 'array.array' object has no attribute 'tostring'" |
VRVDR-57640 | Critical | Static IP configuration of Azure vnets and Vyatta dataplane |
VRVDR-57153 | Critical | V150 XSmall Performance Throughput Lower with 2110 release |
VRVDR-58668 | Major | mGRE doesn't work with NAT or Firewall binding at local interface of GRE tunnel |
VRVDR-58663 | Major | Chatty syslog with create and delete interfaces |
VRVDR-58530 | Major | Incorrect checksum calculation during CGNAT+DNAT lookup for return traffic |
VRVDR-58507 | Major | Fails to peer with Calnex when using PTP G.8275.1 forwardable and non-forwardable profile |
VRVDR-58468 | Major | DHCP client doesn't work with TACACS+ with auth-chain |
VRVDR-58460 | Major | Upon adding new VIP on the Master, the Backup router becomes Master with "preempt false" configured |
VRVDR-58459 | Major | System static-host-mapping command doesn't work until reboot Vyatta or reset DNS |
VRVDR-58422 | Major | PAM account management error: Permission denied |
VRVDR-58377 | Major | cpu-affinity conflict test fails when configured with same CPU (shared by other features) for BFD dataplane |
VRVDR-58241 | Major | Various Warning Messages Seen During VM Power Up (mount and mkdir related) |
VRVDR-58217 | Major | OSPF-hello packets don't reach to OSPF daemon without monitor/dumping traffic at OSPF interface |
VRVDR-58169 | Major | "mount /mnt" failure observed during router boot |
VRVDR-58168 | Major | Various Warning Messages Seen During VM Power Up (Vyatta distro related) |
VRVDR-58094 | Major | Address Zscaler site-to-site support issues — don't install shunt policies with any remote-ts and model "any" for remote-id usage |
VRVDR-57085 | Major | Vyatta vrouter in Azure shows RDMA failure during restart |
VRVDR-56105 | Minor | the reboot now command displays Unable to reboot: Message recipient disconnected from message bus without replying but does still reboot |
VRVDR-58491 | Minor | rollback ? command does not show commit comments |
VRVDR-58318 | Minor | Dataplane interface without DPDK ports crashes in pkt_to_mbuf |
Security vulnerabilities resolved
Security vulnerabilities resolved in release 2204c.
Issue number | CVSS score | Advisory | Summary |
---|---|---|---|
VRVDR-58845 | 9.8 | CVE-2022-40674: Debian DLA-3119-1 : expat — LTS security update | |
VRVDR-58254 | 9.8 | CVE-2022-2068: Debian DSA-5169-1 : openssl — security update | |
VRVDR-58726 | 9.8 | CVE-2022-37434: Debian DLA-3103-1 : zlib — LTS security update | |
VRVDR-58765 | 9.8 | CVE-2020-35525, CVE-2020-35527, CVE-2021-20223: Debian DLA-3107-1 : sqlite3 — LTS security update | |
VRVDR-58694 | 8.8 | CVE-2019-5815, CVE-2021-30560: Debian DLA-3101-1 : libxslt — LTS security update | |
VRVDR-58674 | 8.8 | CVE-2020-13253, CVE-2020-15469, CVE-2020-15859, CVE-2020-25084, CVE-2020-25085, CVE-2020-25624, CVE-2020-25625, CVE-2020-25723, CVE-2020-27617, CVE-2020-27821, CVE-2020-28916, CVE-2020-29129, CVE-2020-29443, CVE-2020-35504, CVE-2020-35505, CVE-2021-3392, CVE-2021-3416, CVE-2021-3507, CVE-2021-3527, CVE-2021-3582, CVE-2021-3607, CVE-2021-3608, CVE-2021-3682, CVE-2021-3713, CVE-2021-3748, CVE-2021-3930, CVE-2021-4206, CVE-2021-4207, CVE-2021-20181, CVE-2021-20196, CVE-2021-20203, CVE-2021-20221, CVE-2021-20257, CVE-2022-26354, CVE-2022-35414: Debian DLA-3099-1: qemu – LTS security update | |
VRVDR-58624 | 8.1 | CVE-2021-22898, CVE-2021-22924, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27776, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32208:Debian DLA-3085-1 : curl — LTS security update | |
VRVDR-58643 | 7.8 | CVE-2022-31676: Debian DLA-3081-1 : open-vm-tools — LTS security update | |
VRVDR-58293 | 7.8 | CVE-2021-4197, CVE-2022-0494, CVE-2022-0812, CVE-2022-0854, CVE-2022-1011, CVE-2022-1012, CVE-2022-1016, CVE-2022-1048, CVE-2022-1184, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1419, CVE-2022-1516, CVE-2022-1652, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2153, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23960, CVE-2022-26490, CVE-2022-27666, CVE-2022-28356, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390, CVE-2022-29581, CVE-2022-30594, CVE-2022-32250, CVE-2022-32296, CVE-2022-33981: Debian DSA-5173-1: linux – security update | |
VRVDR-58185 | 7.8 | CVE-2022-0494, CVE-2022-0854, CVE-2022-1012, CVE-2022-1729, CVE-2022-1786, CVE-2022-1789, CVE-2022-1852, CVE-2022-32250, CVE-2022-1972, CVE-2022-1974, CVE-2022-1975, CVE-2022-21499, CVE-2022-28893: Debian DSA-5161-1: linux – security update | |
VRVDR-58897 | 7.5 | CVE-2022-2795, CVE-2022-38177, CVE-2022-38178: Debian DLA-3138-1 : bind9 — LTS security update | |
VRVDR-58893 | 7.5 | CVE-2022-37797: Debian DLA-3133-1 : lighttpd — LTS security update | |
VRVDR-58767 | 7.5 | CVE-2018-25032, CVE-2021-46669, CVE-2022-21427, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27445, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27452, CVE-2022-27456, CVE-2022-27458, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32087, CVE-2022-32088, CVE-2022-32091: Debian DLA-3114-1: mariadb-10.3 – LTS security update | |
VRVDR-58536 | 7.5 | CVE-2021-46828: Debian DLA-3071-1 : libtirpc — LTS security update | |
VRVDR-58535 | 7.5 | CVE-2021-4209, CVE-2022-2509: Debian DLA-3070-1 : gnutls28 — LTS security update | |
VRVDR-58948 | 6.5 | CVE-2022-42010, CVE-2022-42011, CVE-2022-42012: Debian DLA-3142-1 : dbus — LTS security update | |
VRVDR-58292 | 6.5 | CVE-2022-34903: Debian DSA-5174-1 : gnupg2 — security update | |
VRVDR-58892 | 6.5 | CVE-2022-31081: Debian DLA-3127-1 : libhttp-daemon-perl — LTS security update | |
VRVDR-58541 | 6.5 | CVE-2022-2585, CVE-2022-2586, CVE-2022-2588, CVE-2022-26373, CVE-2022-29900, CVE-2022-29901, CVE-2022-36879, CVE-2022-36946: Debian DSA-5207-1 : linux — security update | |
VRVDR-58727 | 5.9 | CVE-2022-24302: Debian DLA-3104-1 : paramiko — LTS security update | |
VRVDR-58895 | N/A | Debian DLA-3135-1 : libdatetime-timezone-perl — LTS security update | |
VRVDR-58894 | N/A | Debian DLA-3134-1 : tzdata — LTS security update | |
VRVDR-58766 | N/A | Debian DLA-3112-1 : bzip2 — LTS security update |