Hello Thanks for the notice, I will prepare new packages.
FYI, I've just got CVE numbers for this issue from the RedHat Security Team: CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message bye, -christian- Am Wed, 14 Mar 2012 20:23:09 -0300 schrieb Henrique de Moraes Holschuh <[email protected]>: > Package: quagga > Version: 0.99.20 > Severity: important > Tags: security > > Quagga 0.99.20.1 has been released > This is a security-fix release that addresses 3 pending CVEs, one in > bgpd and two in ospfd. The CVEs will be linked once released. > > However, the changelog tells more: > http://download.savannah.gnu.org/releases/quagga/quagga-0.99.20.1.changelog.txt > > Please upload updated packages ASAP. > > -- System Information: > Debian Release: 6.0.4 > APT prefers proposed-updates > APT policy: (990, 'proposed-updates'), (990, 'stable'), (500, > 'stable-updates') Architecture: amd64 (x86_64) > > Kernel: Linux 3.0.24+ (SMP w/8 CPU cores) > Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
