Bug#676510: marked as done (CVE-2012-1820: DoS in BGP)

Debian Bug Tracking System Sat, 23 Jun 2012 02:49:31 -0700

Your message dated Sat, 23 Jun 2012 09:47:14 +0000
with message-id <[email protected]>
and subject line Bug#676510: fixed in quagga 0.99.20.1-0+squeeze3
has caused the Debian Bug report #676510,
regarding CVE-2012-1820: DoS in BGP
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
676510: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676510
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: quagga
Severity: grave
Tags: security

Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1820 for
details and a patch.

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: quagga
Source-Version: 0.99.20.1-0+squeeze3

We believe that the bug you reported is fixed in the latest version of
quagga, which is due to be installed in the Debian FTP archive:

quagga-dbg_0.99.20.1-0+squeeze3_amd64.deb
  to main/q/quagga/quagga-dbg_0.99.20.1-0+squeeze3_amd64.deb
quagga-doc_0.99.20.1-0+squeeze3_all.deb
  to main/q/quagga/quagga-doc_0.99.20.1-0+squeeze3_all.deb
quagga_0.99.20.1-0+squeeze3.debian.tar.gz
  to main/q/quagga/quagga_0.99.20.1-0+squeeze3.debian.tar.gz
quagga_0.99.20.1-0+squeeze3.dsc
  to main/q/quagga/quagga_0.99.20.1-0+squeeze3.dsc
quagga_0.99.20.1-0+squeeze3_amd64.deb
  to main/q/quagga/quagga_0.99.20.1-0+squeeze3_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Hammers <[email protected]> (supplier of updated quagga package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 08 Jun 2012 01:27:32 +0200
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: source amd64 all
Version: 0.99.20.1-0+squeeze3
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers <[email protected]>
Changed-By: Christian Hammers <[email protected]>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 676510
Changes: 
 quagga (0.99.20.1-0+squeeze3) stable-security; urgency=high
 .
   * SECURITY:
     CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
     A denial-of-service condition could be caused by an attacker controlling
     one of the pre-configured BGP peers. In most cases this means, that the
     attack must be originated from an adjacent network. Closes: #676510
Checksums-Sha1: 
 1e0f077f4b4e61c535da2838f73094ce7c87d646 1386 quagga_0.99.20.1-0+squeeze3.dsc
 2b1c1f5e6ea3621a46ab6a52f324bbeef66cbbf6 38019 
quagga_0.99.20.1-0+squeeze3.debian.tar.gz
 086ee3e0b28cd2317df464c93162ec9f5822f7a8 1738488 
quagga_0.99.20.1-0+squeeze3_amd64.deb
 2bc3278b39b4e9645425b2b6620f826be3d8f552 1749788 
quagga-dbg_0.99.20.1-0+squeeze3_amd64.deb
 c5f9338a9ab580b7a12f3faeda1bdfcb72187504 641572 
quagga-doc_0.99.20.1-0+squeeze3_all.deb
Checksums-Sha256: 
 d4ef6091ba963199766c5b636a32410cf4d139ad67000066b5146e2ebaa02546 1386 
quagga_0.99.20.1-0+squeeze3.dsc
 a15951f49d03a6391a7832b7e4de7dd3690f581e3249cfa980a1c31f35a2ac15 38019 
quagga_0.99.20.1-0+squeeze3.debian.tar.gz
 bf23426eaee868143b1fca219e0ce61f131c0ae63b3d256f0dc88e9584e38919 1738488 
quagga_0.99.20.1-0+squeeze3_amd64.deb
 a967ab933162fd2fcbaa4a5c6920665c71eee1d131510da78579611d1d361b47 1749788 
quagga-dbg_0.99.20.1-0+squeeze3_amd64.deb
 c8344e82259dee89811b1a32ef696e4dfc09becd82b312a17909adef17f9286b 641572 
quagga-doc_0.99.20.1-0+squeeze3_all.deb
Files: 
 d07cf429204ef108dad68ede75efbfde 1386 net optional 
quagga_0.99.20.1-0+squeeze3.dsc
 53903880ec930e760ddcf5f7f08c15bf 38019 net optional 
quagga_0.99.20.1-0+squeeze3.debian.tar.gz
 4a230ca0394aab4d4d7668adbf1e0d3e 1738488 net optional 
quagga_0.99.20.1-0+squeeze3_amd64.deb
 4fb16c5e62007f7565662babea646aef 1749788 debug extra 
quagga-dbg_0.99.20.1-0+squeeze3_amd64.deb
 4cee75bbf540336482025e08c613ddc4 641572 net optional 
quagga-doc_0.99.20.1-0+squeeze3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJP1YiAAAoJEL97/wQC1SS+/tUH/0BoESp/A/EVGvKq6qkyofAr
QJrjZvOazVWlrWFGd/HCFtWpG8+dBOA2oHVXzlkB8w/7yEmks1B464fj/Yjn1tq1
onMjUNItriNOUcBhT3GISH+G1g0CrwC0kqBhAtYMF9SLOVFIhPYaoJmfEQg5Ziqt
wbSffeQ4WA8uhB0mL01Z0OQIKp8o4dr5goW3kYbeM/8mKyasMoRlI4sruHpmzFSQ
/RPo3xbOzvb6vw+VYJTiTee0TUxTbcXNBRiwHOU98XUOyj0LnwDpX4pInUQDzfPN
mWhUvFyQArgO68WZ8xjJ9Qz+1vvunlJdT6i5CD62KuzZ5GhVwe8BMKToEd2/zII=
=84zQ
-----END PGP SIGNATURE-----

--- End Message ---

Bug#676510: marked as done (CVE-2012-1820: DoS in BGP)

Reply via email to