Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:

> This fixes CVE-2021-28902, CVE-2021-28903, CVE-2021-28904,
> CVE-2021-28905 and CVE-2021-28906.
>
> * gnu/packages/networking.scm (libyang): Update to 3.4.2.
> ---
>  gnu/packages/networking.scm | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
> index 8481e2d2f4..17d4072ee0 100644
> --- a/gnu/packages/networking.scm
> +++ b/gnu/packages/networking.scm
> @@ -4238,7 +4238,7 @@ (define-public iwgtk
>  (define-public libyang
>    (package
>      (name "libyang")
> -    (version "1.0.215")
> +    (version "3.4.2")
>      (source (origin
>                (method git-fetch)
>                (uri (git-reference
> @@ -4247,12 +4247,12 @@ (define-public libyang
>                (file-name (git-file-name name version))
>                (sha256
>                 (base32
> -                "0mrs2ppmq77z8sbqgm2w0rl9bfgybd6bcxanakfww4chih6cy0dw"))))
> +                "07skjr3r4na12kadca2dyk45clpcpnp4zkkwfaa8sqyslx7vhj56"))))
>      (build-system cmake-build-system)
>      (arguments
>       `(#:configure-flags
>         (list "-DENABLE_BUILD_TESTS=ON" "-DENABLE_LYD_PRIV=ON")))
> -    (propagated-inputs (list pcre))
> +    (propagated-inputs (list pcre2))
>      (native-inputs (list cmocka pkg-config))
>      (home-page "https://github.com/CESNET/libyang")
>      (synopsis "YANG data modelling language library")

apply, and update it single dependent package: frrouting.