Resolves: RHEL-15915 - crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
Resolves: RHEL-15918 - crash from malformed EOR-containing BGP UPDATE message

Resolves: RHEL-15291 - Rebase FRR to version 8.5.3 in RHEL9

Resolves: RHEL-3541 - Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output

Related: #2216912 - adding sys_admin to capabilities

Resolves: #2215346 - frr policy does not allow the execution of /usr/sbin/ipsec

Resolves: #2216912 - SELinux is preventing FRR-Zebra to access to network namespaces

Resolves: #2168855 - BFD not working through VRF

Resolves: #2184870 - Reachable assertion in peek_for_as4_capability function
Resolves: #2196795 - denial of service by crafting a BGP OPEN message with an option of type 0xff
Resolves: #2196796 - denial of service by crafting a BGP OPEN message with an option of type 0xff
Resolves: #2196794 - out-of-bounds read exists in the BGP daemon of FRRouting

Resolves: #2147522 - It is not possible to run FRR as a non-root user

Resolves: #2144500 - AVC error when reloading FRR with provided reload script

Related: #2129743 - Adding missing rules for vtysh and other daemons

Resolves: #2128738 - out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service

Resolves: #2129731 - Rebase FRR to the latest version
Resolves: #2129743 - Add targeted SELinux policy for FRR
Resolves: #2127494 - BGP incorrectly withdraws routes on graceful restart capable routers

Resolves: #2095404 - frr use systemd-sysusers

Resolves: #2081304 - Enhanced TMT testing for centos-stream