BIRD 3.1.4 and 3.0.5 released

Maria Matejka maria.matejka at nic.cz
Wed Sep 24 08:11:38 CEST 2025


Hello!

On Mon, Sep 22, 2025 at 10:22:46PM +0200, Maria Matejka via Bird-users wrote:
 
> we are releasing BIRD versions 3.1.4 and 3.0.5. We have fixed several crashes
> in BGP. including one which was remotely exploitable (CVE-2025-59688).
> This was so far probably the worst bug I remember, and we very much hope
> that nothing similar is going to happen any time soon again.

… and now there is also a writeup about that exploitable crash.

<https://en.blog.nic.cz/2025/09/24/crashing-bird-3-by-sending-a-notification-cve-2025-59688/>

Maria

-- 
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20250924/c9d950b3/attachment.htm>


More information about the Bird-users mailing list