[ubuntu/dapper-security] quagga, quagga (delayed) 0.99.2-1ubuntu3.7 (Accepted)

Tue, 07 Dec 2010 11:05:32 -0800 

quagga (0.99.2-1ubuntu3.7) dapper-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via malformed Outbound Route Filtering (ORF) record
    - debian/patches/93_CVE-2010-2948.dpatch: improve bounds checking in
      bgpd/bgp_packet.c.
    - CVE-2010-2948
  * SECURITY UPDATE: denial of service via unknown AS type
    - debian/patches/93_CVE-2010-2949.dpatch: check segment types and
      lengths in bgpd/bgp_aspath.c.
    - CVE-2010-2949

Date: Thu, 11 Nov 2010 14:59:48 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Christian Hammers <[email protected]>
https://launchpad.net/ubuntu/dapper/+source/quagga/0.99.2-1ubuntu3.7

Format: 1.7
Date: Thu, 11 Nov 2010 14:59:48 -0500
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.2-1ubuntu3.7
Distribution: dapper-security
Urgency: low
Maintainer: Christian Hammers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description: 
 quagga     - unoff. successor of the Zebra BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.2-1ubuntu3.7) dapper-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible arbitrary code
     execution via malformed Outbound Route Filtering (ORF) record
     - debian/patches/93_CVE-2010-2948.dpatch: improve bounds checking in
       bgpd/bgp_packet.c.
     - CVE-2010-2948
   * SECURITY UPDATE: denial of service via unknown AS type
     - debian/patches/93_CVE-2010-2949.dpatch: check segment types and
       lengths in bgpd/bgp_aspath.c.
     - CVE-2010-2949
Files: 
 dfa7ab569c6be50f015f0261a767dd68 1411 net optional quagga_0.99.2-1ubuntu3.7.dsc
 33d87fda16424363b5ed66d76a0e84d0 35595 net optional 
quagga_0.99.2-1ubuntu3.7.diff.gz

-- 
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes

Reply via email to