Knowledge Search


×
 

15.1F6-S12: Software Release Notification for Junos Software Service Release version 15.1F6-S12

  [TSB17530] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
MX, T, PTX, VMX, OPEN FLOW, VRR
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 15.1F6-S12 is now available.

The following are incremental changes in 15.1F6-S12.

 
PR Number Synopsis Description
1182684

RPD might crash when bgp session with l2vpn/vpls signalling flaps

The RPD process may restarts when a BGP session with l2vpn/vpls signaling flaps. The restart is seen with the reason "assert" due to label release for L2VPN FEC 129.

1188681

JSA10904 Junos OS: FreeBSD-SA-15:20.expat : Multiple integer overflows in expat (libbsdxml) XML parser (CVE-2015-1283)

A numeric error vulnerability exists in the expat XML processing library of Juniper Networks Junos OS which allows a remote unauthenticated attacker to cause an Out of Memory (OoM) or buffer overflow Denial of Service (DoS) condition, potentially with other possible unspecified impacts, through crafted XML data input. Refer to https://kb.juniper.net/JSA10904 for more information.

1264695

JSA10897 2018-10 Security Bulletin: Junos OS: Denial of Service in J-Web (CVE-2018-0062)

Junos OS: Denial of Service in J-Web (CVE-2018-0062); Refer to https://kb.juniper.net/JSA10897 for more information.

1312117

The rpd process might crash if LDP updates the label for BGP route

When LDP egress-policy is configured for the BGP route and a label is received for a BGP route in inet.0 table from LDP, if BGP receives a new label for the same BGP route matching the LDP egress-policy, rpd might crash because of updating the new label.

1326394

JSA10885 2018-10 Security Bulletin: Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow daemon (flowd) related to SIP ALG (CVE-2018-0051)

Junos OS: Denial of Service vulnerability in MS-PIC MS-MIC MS-MPC MS-DPC and SRX flow daemon (flowd) related to SIP ALG (CVE-2018-0051); Refer to https://kb.juniper.net/JSA10885 for more information.

1331911

The FPC might crash due to the IFL index corruption when IPv6 traffic goes through the IRB interface

In IPv6 scenario, if the IPv6 traffic is coming in an IRB interface and triggering ICMPv6 error packet with the error type of 'MTU exceeded' or 'redirect', and the ICMPv6 error packet is sent out a different IRB interface than the incoming IRB interface, the index of the IRB logical interface (IFL) might be corrupted. The subsequent configuration change (e.g. deactivating/activating, deleting or changing interface configuration) might cause the crash of the FPC hosting the corrupted IFL index. The traffic black hole also might be seen on the affected FPC.

1339567

JSA10879 2018-10 Security Bulletin: Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration (CVE-2018-0045)

RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration (CVE-2018-0045); Refer to https://kb.juniper.net/JSA10879 for more information.

1342942

KRT queue might be stuck on changing RD of a routing-instance

Junos platforms do not support 'on the fly RD change' - changing the RD (route distinguisher) of an active routing-instance to another value, which might lead to KRT (kernel routing table) queue to be stuck and hence routing/forwarding impact. This is because of the software design and is a production limitation. However such on the fly RD change can be successfully committed without any type of error message. With fix of this PR, error message will be reported in syslog upon commit.

1343195

JSA10898: 2018-10 Security Bulletin: Junos OS: Multiple vulnerabilities in NTP [VU#961909]

Multiple vulnerabilities in NTP have been resolved in Junos OS. Refer to JSA10898 for more information.

1350192

The link-degrade-monitor configuration might cause the commit sync failure on backup RE

On Junos platform along with redundant Routing Engine, if both link-degrade-monitor and any other configurations are configured on a port, commit synchronize might fail on the backup RE. If this occurs, the configuration might be lost after switchover and thus it might cause traffic loss.

1352498

JSA10912 2019-01 Security Bulletin: Junos OS: rpd crash on VPLS PE upon receipt of specific BGP message (CVE-2019-0012)

DoS vulnerability in BGP in Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. See https://kb.juniper.net/JSA10912 for details.

1366619

The route prefixes with an assigned label might be missed in the LDP database

On all MX-Series platforms, the route prefixes with an assigned label might be missed in the Label Distribution Protocol (LDP) database when BGP-LU link protection is enabled.

1366823

Ukern memory leak and core crash in BGP environment

Ukern memory leak and fpc core crash might be happened when device configured link-node protection with labeled-bgp.

1375030

"PE Chip:pe0[0]: IPW: oversize_drop error" causes Major error on FPC

PTX routers with FPC3s that encounter oversize_drop errors will trigger an FPC Major alarm with each error seen. The alarm should clear on its own. The severity of this alarm is being reduced as there is no lasting impact to the FPC.

1380686

2019-01 Security Bulletin: Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018]

The OpenSSL project has published security advisories for vulnerabilities resolved in the OpenSSL library on April 16, 2018, and June 12, 2018. See https://kb.juniper.net/JSA10919 for details.

1380862

JSA10883: Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049)

Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049). Please refer to https://kb.juniper.net/JSA10883 for more information.

1389379

FPC might crash when BGP multipath is configured with protection

When running with Border Gateway Protocol (BGP) multipath with protection configured, it is possible to encounter a situation where nexthops references are not properly decremented, thus causing the system to hold onto nexthops when they should be freed. This leads to a memory hog situation which eventually results in a Flexible PIC Concentrator (FPC) crash.

1391323

The dcd memory leak might be seen when committing configuration change on static route tag

After committing configuration change on static route tag (see below example), the memory consumed by device control daemon (dcd) might increase. The leak rate is slow (200KB for every commit with one tag change). [edit routing-instances TEST routing-options static route xx.xx.xx.xx/25] - tag 10; + tag 11;

1398301

"MIC Error code: 0x1b0002" alarm might not be cleared for MIC on MPC6 when the voltage has returned to normal

The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC6.

1400716

Only one PFE could be disabled on FPC with multiple PFEs in error/wedge condition

On MX, PTX and QFX platforms with Chassis Manager (CM) error reporting, if Flexible PIC Concentrator (FPC) has multiple Packet Forwarding Engines (PFEs) in which one of PFEs goes into wedge condition, due to this issue, the wedge condition might be reported continuously even after disable_pfe action has been taken for the corresponding PFE. Due to this issue, when CMERROR message queue is saturated and the level report-limit is reached (e.g. 10 major errors), the wedge condition on the other PFE within the same FPC will be ignored and not be able to trigger disable_pfe action any more.

Modification History:
First publication 2019-03-01
Related Links: