[ubuntu/lucid-security] quagga_0.99.15-1ubuntu0.1_ia64_translations.tar.gz, quagga_0.99.15-1ubuntu0.1_armel_translations.tar.gz, quagga_0.99.15-1ubuntu0.1_powerpc_translations.tar.gz, quagga, quagga_0.99.15-1ubuntu0.1_sparc_translations.tar.gz (delayed), quagga_0.99.15-1ubuntu0.1_amd64_translations.tar.gz, quagga_0.99.15-1ubuntu0.1_i386_translations.tar.gz 0.99.15-1ubuntu0.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Dec 7 19:04:06 GMT 2010 

quagga (0.99.15-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via malformed Outbound Route Filtering (ORF) record
    - debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
      bgpd/bgp_packet.c.
    - CVE-2010-2948
  * SECURITY UPDATE: denial of service via unknown AS type
    - debian/patches/91_CVE-2010-2949.dpatch: check segment types and
      lengths in bgpd/bgp_aspath.*, bgpd/bgp_attr.c, tests/aspath_test.c.
    - CVE-2010-2949

Date: Thu, 11 Nov 2010 14:06:35 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/quagga/0.99.15-1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Thu, 11 Nov 2010 14:06:35 -0500
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.15-1ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.15-1ubuntu0.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible arbitrary code
     execution via malformed Outbound Route Filtering (ORF) record
     - debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
       bgpd/bgp_packet.c.
     - CVE-2010-2948
   * SECURITY UPDATE: denial of service via unknown AS type
     - debian/patches/91_CVE-2010-2949.dpatch: check segment types and
       lengths in bgpd/bgp_aspath.*, bgpd/bgp_attr.c, tests/aspath_test.c.
     - CVE-2010-2949
Checksums-Sha1: 
 9c363024be998d3fef13e1fc7a2d124977f18a69 2048 quagga_0.99.15-1ubuntu0.1.dsc
 01d3fc9c98c1bbfe69b0a1304b9d3b291759ab03 37257 quagga_0.99.15-1ubuntu0.1.diff.gz
Checksums-Sha256: 
 112e09f2d8cba9fdf1738bfc5492a19084c3a5e3b010147c4f94724d09f90000 2048 quagga_0.99.15-1ubuntu0.1.dsc
 83c58f1ac39a4b36c8c0e42ebcbdf3947068761166ad0a8a449bd794e8ff99ea 37257 quagga_0.99.15-1ubuntu0.1.diff.gz
Files: 
 18d2ea42d79292d8c433565c07d3a802 2048 net optional quagga_0.99.15-1ubuntu0.1.dsc
 6c2c7cccfe10a755a30ef5e61f52f586 37257 net optional quagga_0.99.15-1ubuntu0.1.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>

More information about the Lucid-changes mailing list