kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/net/routinator
History
Jaap Akkerhuis 9b65e5946f net/routinator: Update to 0.13.0 
ChangeLog: https://nlnetlabs.nl/news/2023/Sep/21/routinator-0.13.0-released/

New

 * Added support for ASPA. Processing needs to be enabled via the new option
   enable-aspa which is only available if the aspa feature is explicitly
   selected during compilation. This is due to the specification still
   changing. The implementation currently conforms with
   draft-ietf-sidrops-aspa-profile-15.
 * Added support for version 2 of the RTR protocol. This primarly means support
   for the ASPA payload type.
 * Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is
   enabled.
 * The HTTP server provides a new endpoint /json-delta/notify that can be used
   to wait for updated data similar to the RTR Notify PDU.
 * Added support for filtering and adding router keys via local exception files.

 * The vrps command and the HTTP payload output endpoints now allow excluding
   specific payload types for output.
 * Added a new member payload to the output of the /api/v1/status endpoint that
   gives an overall summary of the produced payload.
 * Added new members generated and generatedTime to the JSON object produced by
   the /json-delta endpoint.

Breaking Changes

 * A new field aspa was added to the jsonext format. See the manual page for
   more information.
 * A number of ASPA-related fields have been added to all metrics and status
   formats.
 * Renamed functions and attributes that refer to standalone end entity
   certificates to refer to router certificates so they don’t get confused with
   the end entity certificates included with signed objects.
 * Renamed the JSON member in the HTTP status API from validEECerts to
   validRouterCerts. The old name is still available but may be removed in the
   future.
 * The regular json output format now includes router key and ASPA output. Since
   both are disabled by default, the format will still be compatible by default.
 * The minimal required Rust version has been increased to 1.70.

Bug Fixes

 * Fixed a bug in the RTR server where it would include router key PDUs even if
   the negotiated protocol version was 0.
 * Restored the ability to parse ASNs in JSON input to the validity command as
   string or number.
 * Update bcder to at least 0.7.3 to fix various decoding issues that could lead
   to a panic when processing invalid RPKI objects.
 * Check the request URI when generating a path for storing a copy of a RRDP
   response with the rrdp-keep-responses option to avoid path traversal.
   Found by Haya Shulman, Donika Mirdita and Niklas Vogel.  Assigned
   CVE-2023-39916

Other Changes

 * The log message for missing manifest now include the URI of the CA
   certificate for which the manifest is missing. (#864)
 * Binary packages are now also built for Debian bookworm. (#881)

PR:		274105
Reported by:	jaap@NLnetLabs.nl (maintainer)
Security:	CVE-2023-39916
2023-09-28 10:42:23 +02:00
..
files
distinfo net/routinator: Update to 0.13.0 2023-09-28 10:42:23 +02:00
Makefile net/routinator: Update to 0.13.0 2023-09-28 10:42:23 +02:00
Makefile.crates net/routinator: Update to 0.13.0 2023-09-28 10:42:23 +02:00
pkg-descr
pkg-plist