On 2018/02/16 19:11, Gleydson Soares wrote:
> > yep, one of these is particularly nasty: use-after-free in a transitive
> > BGP attribute. this is one of those "one update message can kill all
> > quaggas on the internet" bugs.
>
> i've backported the security patches to -stable
ah sorry for the
> yep, one of these is particularly nasty: use-after-free in a transitive
> BGP attribute. this is one of those "one update message can kill all
> quaggas on the internet" bugs.
i've backported the security patches to -stable
potentially severe:
"bgpd/security: Fix double free of unknown
On 2018/02/16 17:48, Gleydson Soares wrote:
> Here's an update for quagga-1.2.3. this release includes security fixes.
yep, one of these is particularly nasty: use-after-free in a transitive
BGP attribute. this is one of those "one update message can kill all
quaggas on the internet" bugs.
> OK?