Package: quagga Version: 0.99.21-1 Severity: important Tags: upstream patch
Hello As our stable-proposed-updates policy demands a bug report, I create one based on the below mail which I got from one of the Quagga maintainers. Updated packages are build and will soon be uploaded. bye, -christian- Beginn der weitergeleiteten Nachricht: Datum: Sat, 20 Apr 2013 17:47:50 +0200 Von: David Lamparter <equi...@opensourcerouting.org> An: Christian Hammers <c...@debian.org>, Florian Weimer <f...@debian.org> Betreff: Quagga version in wheezy & squeeze-backports Hi Christian, Hi Florian, looking through the various distribution's Quagga packages, I noticed you are shipping 0.99.21 without the thread_cancel_event fix applied. This makes ospfd completely unusable. Without the patch, ospfd will crash randomly when a neighbor goes down. (If required, this might be considered a DoS security issue.) The patch is up at: http://git.savannah.gnu.org/cgit/quagga.git/commit/?h=stable/0.99.21&id=aaa964a8f861d5cd68723adc27236548f3f05713 ... -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org