Specifications
The new field provides a consistent means of identifying the Junos OS version, instead
of extracting that information from the list of installed subpackages.
In Junos OS Release 13.2 and earlier, the show version command does not have the
Junos field in the output that displays the Junos OS version running on the device as
shown in the following samples. The only way to determine the Junos OS version
running on the device is to review the list of installed subpackages.
Junos OS Release 13.3 and Later Releases With the Junos
Field
Junos OS Release 13.2 and Earlier Releases Without the
Junos Field
user@switch> show version
Hostname: lab
Model: ex9208
Junos: 13.3R1.4
JUNOS Base OS boot [13.3R1.4]
JUNOS Base OS Software Suite [13.3R1.4]
JUNOS Kernel Software Suite [13.3R1.4]
JUNOS Crypto Software Suite [13.3R1.4]
...
user@switch> show version
Hostname: lab
Model: ex9208
JUNOS Base OS boot [12.3R2.5]
JUNOS Base OS Software Suite [12.3R2.5]
JUNOS Kernel Software Suite [12.3R2.5]
JUNOS Crypto Software Suite [12.3R2.5]
...
[See show version.]
•
User-defined identifiers using the reserved prefix junos- now correctly cause a commit
error in the CLI—Junos OS reserves the prefix junos- for the identifiers of configurations
defined within the junos-defaults configuration group. User-defined identifiers cannot
start with the string junos-. Starting with Junos OS Release 13.3, if you configured
user-defined identifiers using the reserved prefix through a NETCONF or Junos XML
protocol session, the commit correctly fails. In Junos OS releases earlier than Release
13.3, if you configured user-defined identifiers through the CLI using the reserved prefix,
the commit incorrectly succeeds. Junos OS Release 13.3R1 and later releases now
exhibit the correct behavior. Configurations that currently contain the reserved prefix
for user-defined identifiers other than junos-defaults configuration group identifiers
now correctly results in a commit error in the CLI.
•
Configuring regular expressions (EX9200)—In all supported Junos OS releases, regular
expressions can no longer be configured if they require more than 64 MB of memory
or more than 256 recursions for parsing.
This change in the behavior of Junos OS is in line with the FreeBSD limit. The change
was made in response to a known consumption vulnerability that enables an attacker
to cause a denial-of-service attack (resource exhaustion) by using regular expressions
containing adjacent repetition operators or adjacent bounded repetitions. Junos OS
uses regular expressions in several places within the CLI. Exploitation of this vulnerability
can cause the Routing Engine to crash, leading to a partial denial of service. Repeated
exploitation can result in an extended partial outage of services provided by the routing
protocol process (rpd).
Related
Documentation
New and Changed Features on page 6•
• Known Behavior on page 11
• Known Issues on page 12
Copyright © 2015, Juniper Networks, Inc.10
Release Notes: Junos OS Release 13.3R6 for the EX Series, M Series, MX Series, PTX Series, and T Series