[ubuntu/natty-security] quagga, quagga_0.99.17-4ubuntu1.1_amd64_translations.tar.gz, quagga_0.99.17-4ubuntu1.1_powerpc_translations.tar.gz, quagga_0.99.17-4ubuntu1.1_i386_translations.tar.gz, quagga_0.99.17-4ubuntu1.1_armel_translations.tar.gz 0.99.17-4ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Nov 14 19:03:27 UTC 2011
quagga (0.99.17-4ubuntu1.1) natty-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327
Date: Fri, 07 Oct 2011 10:02:01 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/quagga/0.99.17-4ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Fri, 07 Oct 2011 10:02:01 -0400
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.17-4ubuntu1.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
quagga - BGP/OSPF/RIP routing daemon
quagga-doc - documentation files for quagga
Changes:
quagga (0.99.17-4ubuntu1.1) natty-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327
Checksums-Sha1:
8c313bb5ce6a5476311a106e741fe577052c6f89 2052 quagga_0.99.17-4ubuntu1.1.dsc
72aac5f89a35f7a33b802fe187cbe1e2ee5100d4 45325 quagga_0.99.17-4ubuntu1.1.diff.gz
Checksums-Sha256:
824872e90b86bf0b9f35f002b47c322b6bea96d24e15e3047e3c9e5cd6961866 2052 quagga_0.99.17-4ubuntu1.1.dsc
985c477d1011ac667f8da6d192c533ba27e358deb7541ca236b77e8f5e3a7ada 45325 quagga_0.99.17-4ubuntu1.1.diff.gz
Files:
4dc57e1b7a06780bbe32118791efc713 2052 net optional quagga_0.99.17-4ubuntu1.1.dsc
76702d72ef06d6e140065e1ccd17d2d6 45325 net optional quagga_0.99.17-4ubuntu1.1.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>
More information about the Natty-changes
mailing list