Register | Log in

bird

Internet Routing Daemon

Choose email to subscribe with

general

source: bird (main)
version: 1.6.8-2.1
maintainer: Ondřej Surý (DMD) (LowNMU)
arch: all
std-ver: 3.9.6
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.6.8-2.1
oldstable: 1.6.8-2.1

versioned links

1.6.8-2.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bird
bird-bgp
bird-doc

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2026-49943: CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation in nest/a-path.c. The as_path_match() function uses a fixed-size stack array of 2048 + 1 pm_pos entries, while parse_path() expands AS_PATH segments from a received BGP UPDATE without enforcing a corresponding capacity limit. When RFC 8654 BGP Extended Messages are enabled and a BIRD filter evaluates an AS path mask expression such as "bgp_path ~ [= ... =]", an established BGP peer can send a long AS_PATH containing more than 2048 expanded ASNs. This causes parse_path()/as_path_match() to write beyond the fixed stack buffer, resulting in a crash of the daemon. NOTE: reportedly, the Supplier's position is that a fix is not being prioritized because all network operators should already be rejecting routes with unusually long attributes.

Created: 2026-06-02 Last update: 2026-06-03 06:31

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2026-49943: CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation in nest/a-path.c. The as_path_match() function uses a fixed-size stack array of 2048 + 1 pm_pos entries, while parse_path() expands AS_PATH segments from a received BGP UPDATE without enforcing a corresponding capacity limit. When RFC 8654 BGP Extended Messages are enabled and a BIRD filter evaluates an AS path mask expression such as "bgp_path ~ [= ... =]", an established BGP peer can send a long AS_PATH containing more than 2048 expanded ASNs. This causes parse_path()/as_path_match() to write beyond the fixed stack buffer, resulting in a crash of the daemon. NOTE: reportedly, the Supplier's position is that a fix is not being prioritized because all network operators should already be rejecting routes with unusually long attributes.

Created: 2026-06-02 Last update: 2026-06-03 06:31

news

[2024-12-29] bird REMOVED from testing (Debian testing watch)
[2021-01-08] bird 1.6.8-2.1 MIGRATED to testing (Debian testing watch)
[2021-01-02] Accepted bird 1.6.8-2.1 (source) into unstable (Benjamin Drung)
[2020-08-22] bird REMOVED from testing (Debian testing watch)
[2020-05-16] bird 1.6.8-2 MIGRATED to testing (Debian testing watch)
[2020-05-11] Accepted bird 1.6.8-2 (source) into unstable (Ondřej Surý)
[2019-09-22] bird 1.6.8-1 MIGRATED to testing (Debian testing watch)
[2019-09-21] Accepted bird 1.6.3-2+deb9u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ondřej Surý)
[2019-09-21] Accepted bird 1.6.6-1+deb10u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2019-09-19] Accepted bird 1.6.3-2+deb9u1 (source all amd64) into oldstable->embargoed, oldstable (Ondřej Surý)
[2019-09-19] Accepted bird 1.6.6-1+deb10u1 (source all amd64) into stable->embargoed, stable (Ondřej Surý)
[2019-09-16] Accepted bird 1.6.8-1 (source) into unstable (Ondřej Surý)
[2019-08-10] bird 1.6.7-1 MIGRATED to testing (Debian testing watch)
[2019-08-05] Accepted bird 1.6.7-1 (source) into unstable (Ondřej Surý)
[2019-05-31] bird 1.6.6-1 MIGRATED to testing (Debian testing watch)
[2019-03-03] Accepted bird 1.6.6-1 (source) into unstable (Ondřej Surý)
[2019-01-20] bird 1.6.5-1 MIGRATED to testing (Debian testing watch)
[2019-01-15] Accepted bird 1.6.5-1 (source) into unstable (Ondřej Surý)
[2018-04-21] bird 1.6.4-1 MIGRATED to testing (Debian testing watch)
[2018-04-15] Accepted bird 1.6.4-1 (source) into unstable (Ondřej Surý)
[2017-06-20] bird 1.6.3-3 MIGRATED to testing (Debian testing watch)
[2017-03-01] Accepted bird 1.6.3-3 (source) into unstable (Ondřej Surý)
[2017-01-22] bird 1.6.3-2 MIGRATED to testing (Debian testing watch)
[2017-01-11] Accepted bird 1.6.3-2 (source all amd64) into unstable (Ondřej Surý)
[2017-01-03] bird 1.6.3-1 MIGRATED to testing (Debian testing watch)
[2016-12-23] Accepted bird 1.6.3-1 (source) into unstable (Ondřej Surý)
[2016-12-04] bird 1.6.2-3 MIGRATED to testing (Debian testing watch)
[2016-11-28] Accepted bird 1.6.2-3 (source) into unstable (Ondřej Surý)
[2016-10-02] bird 1.6.2-1 MIGRATED to testing (Debian testing watch)
[2016-09-29] Accepted bird 1.6.2-1 (source all amd64) into unstable (Ondřej Surý)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs
popcon
browse source code
other distros
security tracker

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing