[ubuntu/dapper-security] quagga, quagga (delayed) 0.99.2-1ubuntu3.7 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Dec 7 19:05:22 GMT 2010
quagga (0.99.2-1ubuntu3.7) dapper-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via malformed Outbound Route Filtering (ORF) record
- debian/patches/93_CVE-2010-2948.dpatch: improve bounds checking in
bgpd/bgp_packet.c.
- CVE-2010-2948
* SECURITY UPDATE: denial of service via unknown AS type
- debian/patches/93_CVE-2010-2949.dpatch: check segment types and
lengths in bgpd/bgp_aspath.c.
- CVE-2010-2949
Date: Thu, 11 Nov 2010 14:59:48 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Christian Hammers <ch at debian.org>
https://launchpad.net/ubuntu/dapper/+source/quagga/0.99.2-1ubuntu3.7
-------------- next part --------------
Format: 1.7
Date: Thu, 11 Nov 2010 14:59:48 -0500
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.2-1ubuntu3.7
Distribution: dapper-security
Urgency: low
Maintainer: Christian Hammers <ch at debian.org>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
quagga - unoff. successor of the Zebra BGP/OSPF/RIP routing daemon
quagga-doc - documentation files for quagga
Changes:
quagga (0.99.2-1ubuntu3.7) dapper-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via malformed Outbound Route Filtering (ORF) record
- debian/patches/93_CVE-2010-2948.dpatch: improve bounds checking in
bgpd/bgp_packet.c.
- CVE-2010-2948
* SECURITY UPDATE: denial of service via unknown AS type
- debian/patches/93_CVE-2010-2949.dpatch: check segment types and
lengths in bgpd/bgp_aspath.c.
- CVE-2010-2949
Files:
dfa7ab569c6be50f015f0261a767dd68 1411 net optional quagga_0.99.2-1ubuntu3.7.dsc
33d87fda16424363b5ed66d76a0e84d0 35595 net optional quagga_0.99.2-1ubuntu3.7.diff.gz
More information about the dapper-changes
mailing list