Fedora alert FEDORA-2026-27892c9184 (rpki-client)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 43 Update: rpki-client-9.8-1.fc43 | |
| Date: | Fri, 24 Apr 2026 00:55:37 +0000 | |
| Message-ID: | <20260424005537.90A33775C5@bastion01.rdu3.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-27892c9184 2026-04-24 00:53:58.937462+00:00 -------------------------------------------------------------------------------- Name : rpki-client Product : Fedora 43 Version : 9.8 Release : 1.fc43 URL : https://www.rpki-client.org/ Summary : OpenBSD RPKI validator to support BGP Origin Validation Description : The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisations (ROAs) and finally outputs Validated ROA Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and also as CSV or JSON objects for consumption by other routing stacks. -------------------------------------------------------------------------------- Update Information: rpki-client 9.8 Various refactoring for improved compatibility with various libcrypto implementations and in CA/BGPsec certificate handling. Fixed an accounting issue in HTTP gzip compression detection. Added a warning in extra verbose mode (-vv) about standards non-compliant Issuer and Subject ASN.1 string encodings. Added a check for canonical encoding of ASPA eContent in alignment with draft- ietf-sidrops-aspa-profile-22. Ensure that a repository timeout correctly stops repository processing. Fixed a defect in Canonical Cache Representation ROAIPAddressFamily sort order. As a result, rpki-client 9.8 cannot parse rpki-client 9.7's .ccr files and vice versa. Fixed an issue in the parser for the locally configured constraints. A malicious RRDP Publication Server can cause a NULL dereference. A malicious RPKI Publication Server can cause an incorrect error exit. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 16 2026 Robert Scheck <robert@fedoraproject.org> 9.8-1 - Upgrade to 9.8 (#2458536) * Sat Jan 17 2026 Fedora Release Engineering <releng@fedoraproject.org> - 9.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458536 - rpki-client-9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458536 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-27892c9184' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new