[ubuntu/hardy-security] quagga_0.99.9-2ubuntu1.4_hppa_translations.tar.gz, quagga_0.99.9-2ubuntu1.4_i386_translations.tar.gz, quagga, quagga_0.99.9-2ubuntu1.4_amd64_translations.tar.gz, quagga_0.99.9-2ubuntu1.4_powerpc_translations.tar.gz, quagga_0.99.9-2ubuntu1.4_lpia_translations.tar.gz, quagga_0.99.9-2ubuntu1.4_ia64_translations.tar.gz, quagga_0.99.9-2ubuntu1.4_sparc_translations.tar.gz (delayed) 0.99.9-2ubuntu1.4 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Dec 7 19:05:16 GMT 2010 

quagga (0.99.9-2ubuntu1.4) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via malformed Outbound Route Filtering (ORF) record
    - debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
      bgpd/bgp_packet.c.
    - CVE-2010-2948
  * SECURITY UPDATE: denial of service via unknown AS type
    - debian/patches/91_CVE-2010-2949.dpatch: check segment types and
      lengths in bgpd/bgp_aspath.c.
    - CVE-2010-2949

Date: Thu, 11 Nov 2010 14:46:19 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/quagga/0.99.9-2ubuntu1.4
-------------- next part --------------
Format: 1.7
Date: Thu, 11 Nov 2010 14:46:19 -0500
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.9-2ubuntu1.4
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.9-2ubuntu1.4) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible arbitrary code
     execution via malformed Outbound Route Filtering (ORF) record
     - debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
       bgpd/bgp_packet.c.
     - CVE-2010-2948
   * SECURITY UPDATE: denial of service via unknown AS type
     - debian/patches/91_CVE-2010-2949.dpatch: check segment types and
       lengths in bgpd/bgp_aspath.c.
     - CVE-2010-2949
Files: 
 cb3558332bc96c2caa5b804fdc758759 1625 net optional quagga_0.99.9-2ubuntu1.4.dsc
 c7162c4df4238379c40f153ab9bcfe86 38201 net optional quagga_0.99.9-2ubuntu1.4.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>

More information about the Hardy-changes mailing list