CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2018/02/16 15:11:41
Modified files:
net/quagga : Tag: OPENBSD_6_2 Makefile
Added files:
net/quagga/patches: Tag: OPENBSD_6_2 patch-bgpd_bgp_attr_c
patch-bgpd_bgp_attr_h
Log message:
backport the fix for the worst of the recent Quagga bugs,
https://www.quagga.net/security/Quagga-2018-1114.txt
Double-free (crash, possible code execution) when processing a BGP update.
<<
The issue is a double-free in bgp_attr_flush called from
bgp_packet.c:bgp_update_receive. This can be triggered by a variety of
BGP UPDATE messages, containing either a "CLUSTER_LIST" attribute (used
in iBGP route-reflection) or an unknown attribute.
An unrecognised optional/transitive UPDATE attribute should be passed along
by conforming BGP speakers, if the attribute is otherwise well-formed.
Therefore this issue potentially can be triggered across a number of Quagga
bgpd speakers, over a wide area of a network, by one BGP speaker sending an
UPDATE.
>>
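
The advisory text quoted above names two kinds of path attribute in an UPDATE: CLUSTER_LIST and an unrecognised optional/transitive attribute. The C routine below is an added example, not part of this commit or of Quagga's code; it walks the Path Attributes field of a captured UPDATE using the RFC 4271 encoding and counts both kinds, for auditing captures. The "recognised" type-code set, the struct and function names, and the sample bytes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FLAG_OPTIONAL     0x80  /* attribute flag bits, RFC 4271 section 4.3 */
#define FLAG_TRANSITIVE   0x40
#define FLAG_EXTLEN       0x10  /* length field is two octets instead of one */
#define ATTR_CLUSTER_LIST 10    /* RFC 4456 route reflection */

struct attr_report { int total, cluster_list, unknown_transitive; };

/* Assumption: the type codes this example treats as recognised. A real
 * speaker's set depends on its version and enabled capabilities. */
static int is_recognised(uint8_t type) {
    return (type >= 1 && type <= 10) || (type >= 14 && type <= 18);
}

/* Walk the Path Attributes field of one UPDATE (not the whole message).
 * Returns 0 on success, -1 if an attribute runs past the end of the buffer. */
int scan_path_attrs(const uint8_t *p, size_t len, struct attr_report *r) {
    size_t off = 0;
    r->total = r->cluster_list = r->unknown_transitive = 0;
    while (off < len) {
        size_t hdr = 3;                       /* flags, type, 1-octet length */
        if (len - off < hdr) return -1;
        uint8_t flags = p[off], type = p[off + 1];
        size_t alen = p[off + 2];
        if (flags & FLAG_EXTLEN) {            /* 2-octet length, big endian */
            hdr = 4;
            if (len - off < hdr) return -1;
            alen = ((size_t)p[off + 2] << 8) | p[off + 3];
        }
        if (alen > len - off - hdr) return -1; /* value would overrun buffer */
        r->total++;
        if (type == ATTR_CLUSTER_LIST)
            r->cluster_list++;
        else if (!is_recognised(type) &&
                 (flags & FLAG_OPTIONAL) && (flags & FLAG_TRANSITIVE))
            r->unknown_transitive++;          /* would be passed along */
        off += hdr + alen;
    }
    return 0;
}

/* Constructed sample: ORIGIN, CLUSTER_LIST, arbitrary unknown type 200. */
static const uint8_t sample[] = { 0x40, 0x01, 0x01, 0x00,
    0x80, 0x0a, 0x04, 0x0a, 0x00, 0x00, 0x01,  0xc0, 0xc8, 0x02, 0x00, 0x00 };

int main(void) {
    struct attr_report r;
    int rc = scan_path_attrs(sample, sizeof sample, &r);
    printf("rc=%d attrs=%d cluster_list=%d unknown_opt_trans=%d\n",
           rc, r.total, r.cluster_list, r.unknown_transitive);
    return rc ? 1 : 0;
}
```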