[ubuntu/lucid-security] quagga_0.99.15-1ubuntu0.3_amd64_translations.tar.gz, quagga_0.99.15-1ubuntu0.3_powerpc_translations.tar.gz, quagga_0.99.15-1ubuntu0.3_sparc_translations.tar.gz, quagga_0.99.15-1ubuntu0.3_ia64_translations.tar.gz, quagga, quagga_0.99.15-1ubuntu0.3_armel_translations.tar.gz, quagga_0.99.15-1ubuntu0.3_i386_translations.tar.gz 0.99.15-1ubuntu0.3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Nov 14 19:03:42 UTC 2011
quagga (0.99.15-1ubuntu0.3) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327
Date: Fri, 07 Oct 2011 12:38:37 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/quagga/0.99.15-1ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Fri, 07 Oct 2011 12:38:37 -0400
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.15-1ubuntu0.3
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
quagga - BGP/OSPF/RIP routing daemon
quagga-doc - documentation files for quagga
Changes:
quagga (0.99.15-1ubuntu0.3) lucid-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327
Checksums-Sha1:
717c790d4107874cad8ff009d10dfaecf345a66a 2043 quagga_0.99.15-1ubuntu0.3.dsc
c6a7af1c63f5a14f465fea3ceb321bf334f13aee 46327 quagga_0.99.15-1ubuntu0.3.diff.gz
Checksums-Sha256:
bd4aadfcf969babb8f5b42171b0c3baef5abde27562201aaa5272179b1babcd3 2043 quagga_0.99.15-1ubuntu0.3.dsc
3fb742fdc00978c001276a185df4fc155b6cf3d3e82c74650a421730b14d0772 46327 quagga_0.99.15-1ubuntu0.3.diff.gz
Files:
0014057a105046026d1414978ed9e65b 2043 net optional quagga_0.99.15-1ubuntu0.3.dsc
a93e8a9d2a6558ace647f955a146c58d 46327 net optional quagga_0.99.15-1ubuntu0.3.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>
More information about the Lucid-changes
mailing list