IBM Cloud Docs
AT&T Vyatta 5400 vRouter security vulnerability fixes

AT&T Vyatta 5400 vRouter security vulnerability fixes

As of August 30, 2018: This document lists the security vulnerability fixes for the Vyatta 5400 vRouter. When multiple Common Vulnerabilities and Exposures (CVE) numbers are addressed in a single update, the highest Common Vulnerability Scoring System (CVSS) score is listed.

6.7R14S10

Released August 30, 2018

Issues Resolved

Issues resolved in 6.7R14S10
Issue Number Priority Summary
VSE-9911 Major 6.7R13S3 upgrade to 6.7R14S9 caused “rpc_scheddetected stalls on CPUs/tasks” and system crashed and frozen

6.7R14S9

Released July 16, 2018

Security Vulnerabilities Resolved

Security vulnerabilities resolved in 6.7R14S8
Issue Number CVSS score Advisory Summary
VSE-9909 6.5 DSA-4229-1 CVE-2018-5388, CVE-2018-10811: Debian DSA-4229- 1: Strongswan security update
VSE-9903 9.8 DLA-1390-1 CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126: Debian DLA-1390-1: procps security update

6.7R14S8

Released June 1, 2018

Security Vulnerabilities Resolved

Security vulnerabilities resolved in 6.7R14S8
Issue Number CVSS score Advisory Summary
VSE-9905 7.5 DLA-1388-1 CVE-2018-11358, CVE-2018-11362, CVE-2018-9258, CVE-2018-9260, CVE-2018-9261, CVE-2018-9263, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270: Debian DLA-1388-1: wireshark – security update
VSE-9902 9.1 DLA-1379-1 CVE-2018-1000301: Debian DLA-1379-1: curl – security update
VSE-9899 6/5 DLA-1375-1 CVE-2018-0494: Debian DLA-1375-1: wget – security update

6.7R14S7

Released May 14, 2018

Issues Resolved

Issues resolved in HERE
Issue Number Priority Summary
VSE-9525 Minor Show version gives “SMBIOS” error message

Security Vulnerabilities Resolved

Security vulnerabilities resolved in 6.7R14S7
Issue Number CVSS score Advisory Summary
VSE-9897 9.8 DLA-1358-1 CVE-2017-17742, CVE-2018-1000075, CVE-2018- 1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-6914, CVE-2017-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780: Debian DLA-1358-1: ruby1.9.1 – security update
VSE-9896 7.5 DLA-1353-1 CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7332, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420: Debian DLA-1353-1: wireshark – security update
VSE-9895 7.8 DLA-1348-1 CVE-2018-1000156: Debian DLA-1348-1: patch – security update
VSE-9894 9.8 DLA-1345-1 CVE-2018-6913: Debian DLA-1345-1: perl -s ecurity update
VSE-9893 6.5 DLA-1330-1 CVE-2018-0739: Debian DLA-1330-1: openssl - security update
VSE-9892 9.8 DLA-1328-1 CVE-2017-12627: Debian DLA-1328-1: xerces-c - security update
VSE-9891 N/A DLA-1323-1 Debian DLA-1323-1: tzdata - security update
VSE-9890 9.8 DLA-1309-1 CVE-2018-1000120, CVE-2018-1000121, CVE-2018- 1000122: Debian DLA-1309-1: curl - security update
VSE-9886 8.8 DSA-4071-1 CVE-2017-17512: Debian DSA-4071-1: sensible-utils – security update
VSE-9885 6.5 DSA-4018-1 CVE-2017-3735, CVE_2017-3736: DSA-4018-1 openssl – security update
VSE-9832 7.5 DLA-1059-1 CVE-2017-11185: Debian DLA-1059-1: strongswan security update

6.7R14S6

Released March 6, 2018.

Issues Resolved

Issues resolved in HERE
Issue Number Priority Summary
VSE-9880 Minor Disabling RPF source-validation does not remove setting from all interfaces

Security Vulnerabilities Resolved

Security vulnerabilties resolved in HERE
Issue Number CVSS score Advisory Summary
VSE-9887 6.5 DSA-4101-1 CVE-2018-5334, CVE-2018-5335, CVE-2018-5336: Debian DSA-4101-1: wireshark – security update
VSE-9884 9.8 DSA-3971-1 VE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996, CVE-2017-12997, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017-13011, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017-13725: Debian DSA-3971-1: tcpdump – security update
VSE-9883 N/A DLA-1291-1 Debian DLA-1291-1: tzdata new upstream version
VSE-9878 9.8 DLA-1263-1 CVE-2018-1000007: Debian DLA-1263-1: curl security update
VSE-9871 5.6 DSA-4078-1 CVE-2017-5754: Debian DSA-4078-1: linux – security update (Meltdown)
VSE-9867 9.8 DLA-1221-1 CVE-2017-17405, CVE_2017-17790: Debian DLA- 1221-1: ruby1.0.1 security update
VSE-9852 8.8 DLA-1149-1 CVE-2017-13089, CVE-2017-13090: Debian DLA-1149- 1: wget security update
VSE-9851 9.1 DLA-1143-1 CVE-2017-1000257: Debian DLA-1143-1: curl security update
VSE-9850 7.8 DLA-1135-1 CVE-2017-10140: Debian DLA-1135-1: db security update
VSE-9817 7.8 DLA-992-1 CVE-2017-1000366 Plugin: 100875 Debian DLA-992-1: eglibc security update

6.7R14S5

Released February 2, 2018.

Issues Resolved

Issues resolved in HERE
Issue Number Priority Summary
VSE-9866 Minor IPsec out of sequence inbound errors

Security Vulnerabilities Resolved

Security vulnerabilties resolved in 6.7R14S5
Issue Number CVSS score Advisory Summary
VSE-9875 7.5 DLA-1247-1 CVE-2018-5764: Debian DLA-1247-1: rsync security update
VSE-9864 N/A DLA-1211-1 CVE-2017-15412: Debian DLA-1211-1: libxml2 security update
VSE-9802 7.5 DLA-973-1 CVE-2017-9022, CVE-2017-9023: Debian DLA-973-1: strongswan security update

6.7R14S4

Released December 19, 2017.

Security Vulnerabilities Resolved

Security vulnerabilties resolved in 6.7R14S4
Issue Number CVSS score Advisory Summary
VSE-9857 9.8 DLA-1171-1 CVE-2017-10672: DLA-1171-1 libxml-libxml-perl – security update

6.7R14S3

Released November 14, 2017.

Security Vulnerabilities Resolved

Security vulnerabilties resolved in 6.7R14S3
Issue Number CVSS score Advisory Summary
VSE-9856 N/A DLA-1138-1 CVE-2017-7805: Debian DLA-1138-1: nss security update
VSE-9852 8.8 DLA-1149-1 CVE-2017-13089, CVE-2017-13090: Debian DLA-1149- 1: wget security update

6.7R14S2

Released October 10, 2017.

Issues Resolved

Issues resolved in 6.7R14S2
Issue Number Priority Summary
VSE-9837 Minor “show system commit different” showing permission denied after upgrade from 6.7R11S9 to 6.7R13S3

Security Vulnerabilities Resolved

Security vulnerabilties resolved in 6.7R14S2
Issue Number CVSS score Advisory Summary
VSE-9845 9.8 DLA-1124-1 CVE-2017-14491, CVE-2017-14492, CVE-2017-14494: Debian DLA-1124-1: dnsmasq security update

6.7R14S1

Released September 22, 2017.

Issues Resolved

Issues resolved in 6.7R14S1
Issue Number Priority Summary
VSE-9831 Major MTU setting reverts back to default after reboot on a VIF interface

Security Vulnerabilities Resolved

Security vulnerabilties resolved in 6.7R14S1
Issue Number CVSS score Advisory Summary
VSE-9841 9.8 DLA-1060-1 CVE-2017-0663, CVE-2017-7376: Debian DLA-1060-1: libxml2 security update
VSE-9840 6.5 DLA-1062-1 CVE-2017-1000100: Debian DLA-1062-1: curl security update
VSE-9839 7.5 DLA-1059-1 CVE-2017-11185: Debian DLA-1059-1: strongswan security update
VSE-9835 7.5 DSA-3900-1 CVE-2017-7522, CVE-2017-7521, CVE-2017-7520, CVE-2017-7508 OpenVPN security update