Recommended update for iproute2

Announcement ID:	SUSE-RU-2024:2172-1
Rating:	moderate
References:	bsc#1204562 jsc#PED-6820 jsc#PED-6844 jsc#PED-8358
Affected Products:	Basesystem Module 15-SP6 openSUSE Leap 15.6 SUSE Linux Enterprise Desktop 15 SP6 SUSE Linux Enterprise Real Time 15 SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that contains three features and has one fix can now be installed.

Description:

This update for iproute2 fixes the following issues:

iproute2 was updated to version 6.4 (jsc#PED-6820 jsc#PED-6844, jsc#PED-8358):

• Fixed display of bound but unconnected sockets (bsc#1204562)

• Changes in version 6.4:

• bridge: mdb: added underlay destination IP support, UDP destination port support, destination VNI support, source VNI support, outgoing interface support

• macvlan: added the "bclim" parameter

• Changes in version 6.3:

• New release of iproute2 corresponding to the 6.3 kernel. No large feature improvements only incremental improvements to the bridge mdb support, mostly just bug fixes.

• Changes in version 6.2:

• f_flower: Introduce L2TPv3 support

• bridge: fdb: Add support for locked FDB entries
• bridge: link: Add MAC Authentication Bypass (MAB) support
• ip: Support --json on ip neigh get

• tc: Add JSON output to tc-class

• Changes in version 6.1:

• man: ss.8: fix a typo

• testsuite: fix build failure
• genl: remove unused vars in Makefile
• json: do not escape single quotes
• ip-monitor: Do not error out when RTNLGRP_STATS is not available
• ip-link: man: Document existence of netns argument in add command
• macsec: add Extended Packet Number support
• macsec: add user manual description for extended packet number feature
• ip: xfrm: support "external" (collect_md) mode in xfrm interfaces
• ip: xfrm: support adding xfrm metadata as lwtunnel info in routes
• ip: add NLM_F_ECHO support
• libnetlink: add offset for nl_dump_ext_ack_done
• tc/tc_monitor: print netlink extack message
• rtnetlink: add new function rtnl_echo_talk()
• ip: fix return value for rtnl_talk failures
• iplink_bridge: Add no_linklocal_learn option support
• devlink: use dl_no_arg instead of checking dl_argc == 0
• devlink: remove dl_argv_parse_put
• mnlg: remove unnused mnlg_socket structure
• utils: extract CTRL_ATTR_MAXATTR and save it
• devlink: expose nested devlink for a line card object
• devlink: load port-ifname map on demand
• devlink: fix parallel flash notifications processing
• devlink: move use_iec into struct dl
• devlink: fix typo in variable name in ifname_map_cb()
• devlink: load ifname map on demand from ifname_map_rev_lookup() as well
• dcb: unblock mnl_socket_recvfrom if not message received
• libnetlink: Fix memory leak in __rtnl_talk_iov()
• tc_util: Fix no error return when large parent id used
• tc_util: Change datatype for maj to avoid overflow issue
• ss: man: add missing entries for MPTCP
• ss: man: add missing entries for TIPC
• ss: usage: add missing parameters
• ss: re-add TIPC query support
• devlink: Fix setting parent for 'rate add'
• link: display 'allmulti' counter
• seg6: add support for flavors in SRv6 End* behaviors
• tc: ct: Fix invalid pointer dereference
• uapi: update from 6.1 pre rc1
• u32: fix json formatting of flowid
• tc_stab: remove dead code
• uapi: update for in.h and ip.h
• remove #if 0 code
• tc: add json support to size table
• tc: put size table options in json object
• tc/basic: fix json output filter
• iplink: support JSON in MPLS output
• tc: print errors on stderr
• ip: print mpls errors on stderr
• tc: make prefix const
• man: add missing tc class show
• iplink_can: add missing `]' of the bitrate, dbitrate and termination arrays

• ip link: add sub-command to view and change DSA conduit interface

• Changes in version 6.0:

• ipstats: Add param.h for musl

• Update kernel headers
• libbpf: add xdp program name support
• iplink: bond_slave: add per port prio support
• seg6: add support for SRv6 Headend Reduced Encapsulation
• lib: Introduce ppp protocols

• f_flower: Introduce PPPoE support

• Changes in version 5.19:

• ip/iplink_virt_wifi: add support for virt_wifi

• Update kernel headers
• libnetlink: Add filtering to rtnl_statsdump_req_filter()
• ipstats: Add a "set" command
• ipstats: Add a group "link"
• libbpf: Use bpf_object__load instead of bpf_object__load_xattr
• uapi: change name for zerocopy sendfile in tls
• bridge: vxlan device vnifilter support

• f_flower: Add num of vlans parameter

• Changes in version 5.18:

• The build issues with libbpf should be fixed now.

• Building with clang is now supported.

• There are still some warnings with gcc-12 that will need to be fixed in the upstream kernel headers.

• Changes in version 5.17:

• lib/fs: fix memory leak in get_task_name()

• bridge: Remove vlan listing from bridge link
• bond: add arp_missed_max option
• libnetlink: fix socket leak in rtnl_open_byproto()
• dcb: Fix error reporting when accessing "dcb app"
• tc_util: Fix parsing action control with space and slash
• lib: fix ax25.h include for musl
• uapi: add missing rose and ax25 files
• rdma: Fix res_print_uint() and add res_print_u64()

• tc: Add support for ce_threshold_value/mask in fq_codel

• Add tmpfiles.d conf for /run/netns

• Changes in version 5.16:

• devlink: Fix cmd_dev_param_set() to check configuration mode

• ip: add AMT support
• iplink_can: fix configuration ranges in print_usage() and add unit
• tc: flower: Fix buffer overflow on large labels
• ip/ipnexthop: fix unsigned overflow in parse_nh_group_type_res()
• tc/m_vlan: fix print_vlan() conditional on TCA_VLAN_ACT_PUSH_ETH

• iplink_can: add new CAN FD bittiming parameters: Transmitter Delay Compensation (TDC)

• Changes in version 5.15:

• lib: bpf_legacy: fix bpffs mount when /sys/fs/bpf exists

• man: devlink-port: fix the devlink port add synopsis
• man: devlink-port: fix pfnum for devlink port add
• iptuntap: fix multi-queue flag display
• mptcp: unbreak JSON endpoint list
• ipneigh: add support to print brief output of neigh cache in tabular format
• ip/bond: add LACP active support
• ip/tunnel: always print all known attributes
• Add, show, link, remove IOAM namespaces and schemas
• New IOAM6 encap type for routes
• tc/skbmod: Introduce SKBMOD_F_ECN option
• tc/f_flower: fix port range parsing

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2172=1 openSUSE-SLE-15.6-2024-2172=1
• Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2172=1

Package List:

• openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  • iproute2-arpd-debuginfo-6.4-150600.7.3.1
  • libnetlink-devel-6.4-150600.7.3.1
  • iproute2-debugsource-6.4-150600.7.3.1
  • iproute2-arpd-6.4-150600.7.3.1
  • iproute2-6.4-150600.7.3.1
  • iproute2-bash-completion-6.4-150600.7.3.1
  • iproute2-debuginfo-6.4-150600.7.3.1
• Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  • iproute2-arpd-debuginfo-6.4-150600.7.3.1
  • libnetlink-devel-6.4-150600.7.3.1
  • iproute2-debugsource-6.4-150600.7.3.1
  • iproute2-arpd-6.4-150600.7.3.1
  • iproute2-6.4-150600.7.3.1
  • iproute2-bash-completion-6.4-150600.7.3.1
  • iproute2-debuginfo-6.4-150600.7.3.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1204562
• https://jira.suse.com/browse/PED-6820
• https://jira.suse.com/browse/PED-6844
• https://jira.suse.com/browse/PED-8358