Viacheslav renamed T6325: Update pipfile python3 version or delete pip file for vyos-1x from Update pip file python3 version or delete pip file for vyos-1x to Update pipfile python3 version or delete pip file for vyos-1x.

May 9 2024, 12:46 PM · VyOS 1.4 Sagitta

Viacheslav triaged T6325: Update pipfile python3 version or delete pip file for vyos-1x as Normal priority.

May 9 2024, 12:46 PM · VyOS 1.4 Sagitta

Vijayakumar added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

@syncer Any idea why conflict check fails for this PR https://github.com/vyos/vyos-1x/actions/runs/9015620312 ?

May 9 2024, 12:02 PM · GitHub Infrastructure

Apachez added a comment to T6322: Include microcode update packages for both Intel and AMD64 cpus.

It can be handy to have the option to have it disabled (or you can just in bash-mode do "apt-get remove intel-microcode --purge" if you dont want it after install) but it should be enabled by default due to security reasons.

May 9 2024, 10:03 AM · VyOS 1.5 Circinus (2025.11)

Vijayakumar committed rVYOSONEX890391885d66: T6316: remove reviewers assignment in workflow as it will done by codeowners… (authored by Vijayakumar A <36878324+kumvijaya@users.noreply.github.com>).

May 9 2024, 10:02 AM

Vijayakumar added a comment to T6315: Add Codeql reusable action workflow.

Ok,
Reviewers' assignment from the workflow can be removed (as it will be handled globally using codeowner file)
Raised PR,. Please check
https://github.com/vyos/vyos-1x/pull/3432

May 9 2024, 9:55 AM · GitHub Infrastructure

marekm added a comment to T6322: Include microcode update packages for both Intel and AMD64 cpus.

Please consider making the microcode updates optional, and possible to load a specified file downloaded separately from the CPU vendor, independent of VyOS updates.
Some possible edge cases:

running VyOS in a VM (microcode update has no effect in the guest anyway, needs to be done in the hypervisor)
microcode update released in a hurry breaks something, need to revert to an older one
microcode update reduces performance, doesn't improve security of VyOS (because it's not a typical multi-user system with untrusted users who can run any programs)
microcode update has important fixes, but it will take time before a new LTS is released, or VyOS can't be updated because the subscription has expired

May 9 2024, 9:52 AM · VyOS 1.5 Circinus (2025.11)

GitHub <noreply@github.com> committed rVYOSONEX7fbccb71cee6: T6316: remove reviewers yml as it is controlled in global level (authored by Vijayakumar A <36878324+kumvijaya@users.noreply.github.com>).

May 9 2024, 9:49 AM

GitHub <noreply@github.com> committed rVYOSONEX5d38c0a60f41: T6315: remove reviewers assignment in workflow as it will done by codeowners… (authored by Vijayakumar A <36878324+kumvijaya@users.noreply.github.com>).

May 9 2024, 9:40 AM

trae32566 added a comment to T1641: VRRP conntrack-sync dropping packets passing through the router.

I think this was resolved at some point, but I ended up removing it (the accept-protocol stuff) from my config since it didn't appear necessary and was causing issues, so I'm not certain.

May 9 2024, 8:50 AM

GitHub <noreply@github.com> committed rVYOSONEXa45ba57e0ed8: Merge pull request #3431 from vyos/feature/T6315-update-codeql-branch (authored by dmbaturin).

May 9 2024, 8:40 AM

Viacheslav closed T6324: CVE-2024-2961 as Resolved.

May 9 2024, 8:34 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

Viacheslav added a comment to T6324: CVE-2024-2961.

For 1.4 also fixed

vyos@r1-right:~$ show version all | match "GNU C L"
ii  libc-bin                             2.36-9+deb12u7                   amd64        GNU C Library: Binaries
ii  libc-l10n                            2.36-9+deb12u7                   all          GNU C Library: localization files
ii  libc6:amd64                          2.36-9+deb12u7                   amd64        GNU C Library: Shared libraries
ii  locales                              2.36-9+deb12u7                   all          GNU C Library: National Language (locale) data [support]
vyos@r1-right:~$ 
vyos@r1-right:~$ show ver
Version:          VyOS 1.4-stable-202405090309
Release train:    sagitta

May 9 2024, 8:22 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

natali-rs1985 changed the status of T4393: sstp: add support for configuring host-name (SNI) from Open to In progress.

May 9 2024, 8:20 AM · VyOS 1.4 Sagitta (1.4.0-GA)

syncer assigned T6140: After running a while the default routing failed on vyos 1.4 epa1&epa2 with pppoe0 enabled to Viacheslav.

May 9 2024, 8:18 AM · VyOS Rolling, Bugs

Viacheslav moved T6324: CVE-2024-2961 from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.

May 9 2024, 8:16 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

syncer moved T6324: CVE-2024-2961 from Backlog to Finished on the VyOS 1.3 Equuleus (1.3.7) board.

May 9 2024, 8:15 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

Viacheslav added a comment to T6324: CVE-2024-2961.

Fixed

vyos@r1-right:~$ show version all | match "GNU C L"
ii  libc-bin                             2.28-10+deb10u3                amd64        GNU C Library: Binaries
ii  libc-l10n                            2.28-10+deb10u3                all          GNU C Library: localization files
ii  libc6:amd64                          2.28-10+deb10u3                amd64        GNU C Library: Shared libraries
ii  locales                              2.28-10+deb10u3                all          GNU C Library: National Language (locale) data [support]
vyos@r1-right:~$ 
vyos@r1-right:~$ show version

May 9 2024, 8:08 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

syncer moved T6324: CVE-2024-2961 from Need Triage to Backlog on the VyOS 1.4 Sagitta (1.4.0-epa3) board.

May 9 2024, 8:03 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

syncer changed the status of T6324: CVE-2024-2961 from Open to In progress.

May 9 2024, 8:03 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

syncer added a comment to T6315: Add Codeql reusable action workflow.

there is some issue https://github.com/vyos/vyos-1x/actions/runs/9013844673/job/24765384018?pr=3431

May 9 2024, 8:02 AM · GitHub Infrastructure

a.apostoliuk triaged T6324: CVE-2024-2961 as Normal priority.

May 9 2024, 7:55 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)

Vijayakumar added a comment to T6315: Add Codeql reusable action workflow.

Please approve https://github.com/vyos/vyos-1x/pull/3431

May 9 2024, 7:19 AM · GitHub Infrastructure

GitHub <noreply@github.com> committed rVYOSONEXd8a0bb52c396: T6315: updated codeql branch name (authored by Vijayakumar A <36878324+kumvijaya@users.noreply.github.com>).

May 9 2024, 7:15 AM

Vijayakumar added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

Added codeowner file and basis pr templates and checks
https://github.com/vyos/.github/pull/1
Please review the PR

May 9 2024, 7:09 AM · GitHub Infrastructure

SrividyaA claimed T6323: Correction of auto-completion description of "mfa totp digits".

May 9 2024, 6:46 AM · VyOS 1.4 Sagitta (1.4.0-epa3)

SrividyaA created T6323: Correction of auto-completion description of "mfa totp digits".

May 9 2024, 6:44 AM · VyOS 1.4 Sagitta (1.4.0-epa3)

May 8 2024

e.pc.yuan added a comment to T5636: Add GeoIP matching support for policy route.

set policy local-route doesn't make sense to me to have a geoip network group, however geoip in set policy route allows for greater flexibility while performing routing to ensure traffic traverse through specific destination for compliance and regulatory purposes.

May 8 2024, 9:42 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

syncer triaged T6322: Include microcode update packages for both Intel and AMD64 cpus as Normal priority.

May 8 2024, 9:41 PM · VyOS 1.5 Circinus (2025.11)

syncer merged task T6321: intel-microcode package should be included into T6322: Include microcode update packages for both Intel and AMD64 cpus.

May 8 2024, 9:03 PM · VyOS 1.5 Circinus

syncer merged T6321: intel-microcode package should be included into T6322: Include microcode update packages for both Intel and AMD64 cpus.

May 8 2024, 9:03 PM · VyOS 1.5 Circinus (2025.11)

Apachez created T6322: Include microcode update packages for both Intel and AMD64 cpus.

May 8 2024, 8:50 PM · VyOS 1.5 Circinus (2025.11)

syncer triaged T6321: intel-microcode package should be included as Normal priority.

May 8 2024, 7:49 PM · VyOS 1.5 Circinus

syncer assigned T6321: intel-microcode package should be included to Viacheslav.

May 8 2024, 7:49 PM · VyOS 1.5 Circinus

c-po added a comment to T6317: VLAN doesn't work on a bridge with a wireless interface member.

@alainlamar can you check my PR https://github.com/vyos/vyos-1x/pull/3430 ?

May 8 2024, 7:42 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

c-po changed the status of T6317: VLAN doesn't work on a bridge with a wireless interface member from Open to In progress.

May 8 2024, 7:32 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

c-po moved T6317: VLAN doesn't work on a bridge with a wireless interface member from Open to In Progress on the VyOS 1.4 Sagitta board.

May 8 2024, 7:32 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

aidan-gibson created T6321: intel-microcode package should be included .

May 8 2024, 7:13 PM · VyOS 1.5 Circinus

Vijayakumar added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

Ok, Sure.

May 8 2024, 6:41 PM · GitHub Infrastructure

syncer added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

Added access to organization's .github repository
we probably want to keep PR templates and what else there too(will create separate task)

May 8 2024, 6:40 PM · GitHub Infrastructure

syncer added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

Sure, let's do it that way
Thanks @Vijayakumar

May 8 2024, 6:33 PM · GitHub Infrastructure

Vijayakumar added a comment to T6316: need to add automatic assignment of reviewers from reviewers team.

@syncer Just want to know whether we considered using the CODEOWNERS file to achieve this
https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners

May 8 2024, 6:18 PM · GitHub Infrastructure

Vijayakumar changed the status of T6315: Add Codeql reusable action workflow, a subtask of T6309: Check code quality with CodeQL, from Needs reporter action to In progress.

May 8 2024, 6:15 PM · GitHub Infrastructure

Vijayakumar changed the status of T6315: Add Codeql reusable action workflow from Needs reporter action to In progress.

May 8 2024, 6:15 PM · GitHub Infrastructure

n.fort added a comment to T5177: Make the chain policy configurable.

Behavior change for this issue was fix some month ago in migration scripts, in order to remain action "return" when upgrading from older versions to new syntax.

May 8 2024, 4:32 PM · VyOS 1.5 Circinus

n.fort closed T6269: Polixy route "set table" option is not working correctly as Resolved.

May 8 2024, 4:20 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

n.fort closed T6305: IPoE interface wildcard validation error in firewall rules as Resolved.

May 8 2024, 4:19 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

c-po changed the status of T6281: Wireguard does not pass traffic if VRFs are used from Open to Needs reporter action.

May 8 2024, 4:05 PM · VyOS 1.5 Circinus

c-po changed the status of T6300: [1.3->1.4 Migration] An empty interface configuration drops all interfaces configuration, a subtask of T5938: Migration fail root task for 1.4-rc, from In progress to Needs reporter action.

May 8 2024, 4:05 PM · VyOS Rolling, Bugs

c-po changed the status of T6300: [1.3->1.4 Migration] An empty interface configuration drops all interfaces configuration from In progress to Needs reporter action.

May 8 2024, 4:05 PM · Bugs, VyOS 1.4 Sagitta (1.4.1)

jestabro removed a project from T5666: Provide list of config-mode scripts scheduled for proposed commit: VyOS 1.4 Sagitta (1.4.0-GA).

Note that the work in the link above, but for the get_commit_schedule function itself, has already been added in subtasks T6319/T6146. As mentioned above, the get_commit_schedule function is not useful (and potentially misleading) until we replace the legacy commit algorithm in 1.5. Remove 1.4.0 tag.

May 8 2024, 3:59 PM · VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus

jestabro closed T6319: Add util for ancestor owner/priority, a subtask of T5666: Provide list of config-mode scripts scheduled for proposed commit, as Resolved.

May 8 2024, 3:45 PM · VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus

jestabro closed T6319: Add util for ancestor owner/priority, a subtask of T6146: Add python script to get all priorities of service or section from XML, as Resolved.

May 8 2024, 3:45 PM · VyOS 1.4 Sagitta (1.4.0-epa3)

jestabro closed T6319: Add util for ancestor owner/priority as Resolved.

May 8 2024, 3:45 PM · VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus

jestabro committed rVYOSONEX2551a741af9a: xml: T6319: add util for ancestor owner/priority.

May 8 2024, 3:40 PM

GitHub <noreply@github.com> committed rVYOSONEX52efc3969173: Merge pull request #3428 from jestabro/nearest-owner (authored by dmbaturin).

May 8 2024, 3:40 PM

GitHub <noreply@github.com> committed rVYOSONEX1b7a2d19cb86: Merge pull request #3427 from vyos/mergify/bp/sagitta/pr-3422 (authored by dmbaturin).