In T7159#219749, @dmbaturin wrote:

@MPStudyly Well, it's open-source, so anyone can remove the banner by editing the script. The intention of the banner is simply to explain that rolling release and stream builds offer no stability guarantees.

Apr 1 2025, 12:17 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3)

SrividyaA added a comment to T6691: Console access lost after updating from 1.3.8 or 1.4 version to latest 1.5 releases.

In VMware vSphere, in multiple devices these log messages are seen after upgrading to 1.4.1 version:

Apr 1 2025, 11:46 AM · Bugs, VyOS Rolling

Viacheslav changed the status of T7290: VPN IPsec log level does not work from Open to In progress.

Apr 1 2025, 11:17 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

dmbaturin created T7306: Clean up remnants of EOL branches and the old LTS approach.

Apr 1 2025, 10:36 AM · VyOS Rolling

jmg.caguicla updated the task description for T7305: Container network loses VRF on container restart.

Apr 1 2025, 9:14 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

Viacheslav triaged T7264: VPP NAT: All traffic get NATed if out interface is set with output-feature as Normal priority.

Apr 1 2025, 9:11 AM · VyOS Rolling

Viacheslav triaged T7268: Add op-mode command for all interfaces on host as Wishlist priority.

Apr 1 2025, 9:11 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

Viacheslav triaged T7289: Add libvyosconfig as git submodule of vyos-1x for stream builds as Normal priority.

Apr 1 2025, 9:11 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

Viacheslav triaged T7254: Add op commands for spanning-tree as Normal priority.

Apr 1 2025, 9:10 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling, VyOS 1.4 Sagitta

Viacheslav triaged T7300: Missing dependencies for libpam-radius-auth build in the vyos-build container as Normal priority.

Apr 1 2025, 9:09 AM · VyOS Rolling

Viacheslav added a comment to T7142: HAPROXY- update current version to 3.0 .

The 2.6.12-1+deb12u1 is the latest package available from the Debian bookworm https://packages.debian.org/bookworm/haproxy
If you need the newest HAproxy version, you should build this by building scripts https://github.com/vyos/vyos-build/tree/current/scripts/package-build
Or waiting until bookworm updates the major package version.

Apr 1 2025, 9:06 AM · VyOS Rolling

Viacheslav triaged T7305: Container network loses VRF on container restart as Normal priority.

Apr 1 2025, 9:00 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

jmg.caguicla updated the task description for T7305: Container network loses VRF on container restart.

Apr 1 2025, 8:54 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

jmg.caguicla updated the task description for T7305: Container network loses VRF on container restart.

Apr 1 2025, 6:37 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

jmg.caguicla created T7305: Container network loses VRF on container restart.

Apr 1 2025, 6:37 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

woodsb02 added a comment to T7304: haproxy: Enable HTTP/2.

Note that if the version of HAProxy used in Vyos is upgraded to version 2.8 or later (as proposed in T7142), then HTTP/2 is enabled by default and this task can be closed as "overcome by events".

Apr 1 2025, 5:48 AM · VyOS Rolling

woodsb02 added a comment to T7304: haproxy: Enable HTTP/2.

HAProxy documentation for this:

Apr 1 2025, 5:45 AM · VyOS Rolling

woodsb02 created T7304: haproxy: Enable HTTP/2.

Apr 1 2025, 5:42 AM · VyOS Rolling

dmbaturin added a comment to T7285: CVE-2024-3596 (BlastRADIUS) mitigations for pam_radius.

I was looking into backporting it myself lately, at a glance your approach seems correct. I'll look deeper into it.

Apr 1 2025, 1:07 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

Mar 31 2025

gmurphy42 added a comment to T3936: [Feature] - DHCP Option 82 Support.

Just gonna bump this again. Would be great to see support for this as it would be super helpful for complex architecture-based netboot configurations.

Mar 31 2025, 9:58 PM · VyOS Rolling

Viacheslav triaged T7303: Allow to bind haproxy service to interface as Wishlist priority.

Mar 31 2025, 8:24 PM · VyOS Rolling

zsdc added a comment to T7299: pki: race condition for acme requested certificates - CA auto import only on the second run.

The current fix is necessary, but it's not complete.

Mar 31 2025, 7:51 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

ruffy91 created T7303: Allow to bind haproxy service to interface.

Mar 31 2025, 7:41 PM · VyOS Rolling

jestabro renamed T7302: Implement commit dry-run for vyconfd/vyos-commitd from Implemen commit dry-run for vyconfd to Implement commit dry-run for vyconfd/vyos-commitd.

Mar 31 2025, 7:34 PM · VyOS Rolling

jestabro created T7302: Implement commit dry-run for vyconfd/vyos-commitd.

Mar 31 2025, 7:34 PM · VyOS Rolling

xeluior added a comment to T7285: CVE-2024-3596 (BlastRADIUS) mitigations for pam_radius.

The above linked PR is ready for review by a maintainer. I've tried to cherry-pick only the most relevant commits from the upstream. The build was tested in the vyos-build container (as modified in https://vyos.dev/T7300) after each commit and the overall authentication flow was tested once as described in the PR.

Mar 31 2025, 6:42 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

dmbaturin created T7301: Remove support for GnuPG signatures.

Mar 31 2025, 6:06 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

dmbaturin added a comment to T7159: Display the non-production banner depending on the build type.

@MPStudyly Well, it's open-source, so anyone can remove the banner by editing the script. The intention of the banner is simply to explain that rolling release and stream builds offer no stability guarantees.

Mar 31 2025, 5:59 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3)

jestabro added a comment to T7289: Add libvyosconfig as git submodule of vyos-1x for stream builds.

Regarding the failure of the PR integration tests, this may have been a result of a typo, now corrected in rolling here:
https://github.com/vyos/vyos-1x/pull/4425
or an inconsistent github action (I will check that).

Mar 31 2025, 5:22 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

GitHub <noreply@github.com> committed rVYOSONEXbc86b5750033: Merge pull request #4420 from c-po/veth-mtu (authored by c-po).

Mar 31 2025, 4:00 PM

c-po committed rVYOSONEX383af2dd4ab3: virtual-ethernet: T7293: add support to define interface MTU.

Mar 31 2025, 4:00 PM

GitHub <noreply@github.com> committed rVYOSONEXa6ff1933a99a: Merge pull request #4424 from c-po/acme-race-T7299 (authored by c-po).

Mar 31 2025, 3:59 PM

c-po committed rVYOSONEX1f82952b36c7: pki: T7299: race condition for acme requested certificates / CA chain.

Mar 31 2025, 3:59 PM

GitHub <noreply@github.com> committed rVYOSONEX5ec0a28f6b5b: Merge pull request #4425 from jestabro/submod-typo (authored by c-po).

Mar 31 2025, 3:58 PM

jestabro committed rVYOSONEXb55504a69473: T7289: fix typo in git submodule status check.

Mar 31 2025, 3:58 PM

jestabro closed T7296: Require opam package ppx_deriving_yojson <= 3.9.1 as Resolved.

Mar 31 2025, 3:31 PM · VyOS Rolling

GitHub <noreply@github.com> committed rVYOSONEX1e7e1c53afc8: Merge pull request #4426 from jestabro/restrict-opam-package-version (authored by c-po).

Mar 31 2025, 3:25 PM

jestabro committed rVYOSONEXfce85848e36d: T7296: update hash for restrict opam ppx_deriving_yojson <= v3.9.1.

Mar 31 2025, 3:25 PM

jestabro moved T7294: image upgrade will replace symlinks with a copy from Open to Finished on the VyOS 1.4 Sagitta board.

Mar 31 2025, 3:20 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

jestabro moved T7294: image upgrade will replace symlinks with a copy from Open to Finished on the VyOS 1.5 Circinus board.

Mar 31 2025, 3:19 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

jestabro closed T7294: image upgrade will replace symlinks with a copy as Resolved.

Mar 31 2025, 3:19 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

xeluior added a comment to T7300: Missing dependencies for libpam-radius-auth build in the vyos-build container.

https://github.com/vyos/vyos-build/pull/939

Mar 31 2025, 3:05 PM · VyOS Rolling

xeluior created T7300: Missing dependencies for libpam-radius-auth build in the vyos-build container.

Mar 31 2025, 2:11 PM · VyOS Rolling

Viacheslav added a comment to T7297: FRR 9.1.x 10.2.x does not redistribute OSPF kernel table x routes.

SUMMARY:
working versions:

7.5.1-20240509-02-gc9dd2977e
8.0.1

Not working:

8.1
8.2.2
8.3-2 
9+
10+

Mar 31 2025, 11:14 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

c-po claimed T7273: Changes to VxLAN interfaces erases FRR config.

Mar 31 2025, 4:25 AM · VyOS Rolling

Mar 30 2025

c-po renamed T7122: PKI: Unable to switch from custom cert to ACME when haproxy service is running with 'redirect-http-to-https' option from PKI: Unable to switch from custom cert to ACME when haproxy service is running to PKI: Unable to switch from custom cert to ACME when haproxy service is running with 'redirect-http-to-https' option.

Mar 30 2025, 6:08 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

sskaje added a comment to T7289: Add libvyosconfig as git submodule of vyos-1x for stream builds.

also failed in PR

Mar 30 2025, 6:07 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

c-po moved T7299: pki: race condition for acme requested certificates - CA auto import only on the second run from Need Triage to Backport Candidates on the VyOS Rolling board.

Mar 30 2025, 1:22 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

c-po added a comment to T7299: pki: race condition for acme requested certificates - CA auto import only on the second run.

https://github.com/vyos/vyos-1x/pull/4424

Mar 30 2025, 1:09 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

c-po updated the task description for T7299: pki: race condition for acme requested certificates - CA auto import only on the second run.

Mar 30 2025, 12:50 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

c-po changed the status of T7299: pki: race condition for acme requested certificates - CA auto import only on the second run, a subtask of T6481: Auto import Lets Encrypt root CA while using pki certificate acme, from Open to In progress.

Mar 30 2025, 12:49 PM · VyOS Rolling, VyOS 1.5 Circinus

c-po changed the status of T7299: pki: race condition for acme requested certificates - CA auto import only on the second run from Open to In progress.

Mar 30 2025, 12:49 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

c-po created T7299: pki: race condition for acme requested certificates - CA auto import only on the second run.

Mar 30 2025, 12:49 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

sskaje added a comment to T7289: Add libvyosconfig as git submodule of vyos-1x for stream builds.

Using relative url in .gitmodules will get forked repos difficult to build if not modify .gitmodules manually.

Mar 30 2025, 6:43 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

I looked through some Debian and Ubuntu ISOs and didn't notice dropbear installed in the live image. It's likely we are mostly susceptible to this because the live image is used as a loopback mount during normal installation. Many other Debian-based systems would be debootstrapped onto the host.

Mar 30 2025, 2:31 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

Mar 29 2025

GitHub <noreply@github.com> committed rVYOSONEX79b357a4afc6: Merge pull request #4417 from jestabro/submod-libvyosconfig (authored by jestabro).

Mar 29 2025, 9:15 PM

jestabro committed rVYOSONEX856ab1106795: T7289: attempt to update submodule if status inconsistent.

Mar 29 2025, 9:15 PM

jestabro committed rVYOSONEXe4d0f284ff3f: T7289: set url as relative path.

Mar 29 2025, 9:15 PM

jestabro committed rVYOSONEXe5cc2004b4d2: T7289: update Makefile for libvyosconfig as git submodule.

Mar 29 2025, 9:15 PM

jestabro committed rVYOSONEX3f0b370a3993: T7289: add libvyosconfig as git submodule.

Mar 29 2025, 9:15 PM

wlindberg created T7298: OSPFv3 neighborship doesn't form if the same IPv6 link-local address is used on different interfaces.

Mar 29 2025, 6:10 PM

Viacheslav added projects to T7286: Add CLI to disable LDP establish hello packets: VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.3).

Mar 29 2025, 11:20 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.2), VyOS Rolling

c-po changed the status of T4627: Ability to set host part IPv6 address via interface IP token from Open to In progress.

Mar 29 2025, 10:42 AM · VyOS 1.5 Circinus (2025.11), VyOS 1.4 Sagitta (1.4.4)

c-po moved T7270: syslog: typos in rsyslog.conf from Need Triage to Completed on the VyOS Rolling board.

Mar 29 2025, 10:24 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

c-po lowered the priority of T7270: syslog: typos in rsyslog.conf from High to Normal.

Mar 29 2025, 10:24 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

c-po added a project to T7270: syslog: typos in rsyslog.conf: VyOS 1.5 Circinus.

Mar 29 2025, 10:23 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

woodsb02 committed rVYOSONEXe669a53dadc0: syslog: T7270: improve descriptions of format options.

Mar 29 2025, 10:23 AM

GitHub <noreply@github.com> committed rVYOSONEXa2563828340f: Merge pull request #4409 from woodsb02/patch-2 (authored by c-po).

Mar 29 2025, 10:23 AM

woodsb02 committed rVYOSONEXe906f59f2e89: syslog: T7270: fix octed-counted typo in rsyslog.conf.

Mar 29 2025, 10:23 AM

woodsb02 committed rVYOSONEX39f5da93e538: syslog: T7270: fix SyslogProtocol23Format typo in rsyslog.conf.

Mar 29 2025, 10:23 AM

Viacheslav committed rVYOSONEXc11daec3b06a: T7286: Add CLI option to disable LDP establish packets.

Mar 29 2025, 10:21 AM

GitHub <noreply@github.com> committed rVYOSONEX55abc8214574: Merge pull request #4416 from sever-sever/T7286 (authored by c-po).

Mar 29 2025, 10:21 AM

Viacheslav renamed T7297: FRR 9.1.x 10.2.x does not redistribute OSPF kernel table x routes from FRR 9.1.x does not redistribute OSPF kernel table x routes to FRR 9.1.x 10.2.x does not redistribute OSPF kernel table x routes.

Mar 29 2025, 10:21 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

kumvijaya <kuvmijaya@gmail.com> committed rVYOSONEX713dd52f98a0: T7291: disabled codeowners review.

Mar 29 2025, 10:20 AM

GitHub <noreply@github.com> committed rVYOSONEX3306de1c8938: Merge pull request #4418 from kumvijaya/current (authored by c-po).

Mar 29 2025, 10:20 AM

Viacheslav triaged T7295: ACME certificate updates fail due to missing timezone info as High priority.

Mar 29 2025, 10:10 AM · VyOS 1.5 Circinus (2025.11)

Viacheslav updated the task description for T7297: FRR 9.1.x 10.2.x does not redistribute OSPF kernel table x routes.

Mar 29 2025, 10:06 AM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

GitHub <noreply@github.com> committed rVYOSONEXd22dd8325c57: Merge pull request #4423 from jestabro/preserve-symlinks (authored by c-po).

Mar 29 2025, 9:42 AM

jestabro committed rVYOSONEXe21b9658f057: T7294: preserve /config symlinks on image upgrade.