Public bug reported: Please sync quagga 0.99.17-1 (main) from Debian unstable (main)
A look at the upstream changelog (http://www.quagga.net/download/quagga-0.99.17.changelog.txt) shows no changes that would need a FFe. A look at the diffstat of the debdiff shows also no huge changes to the source (except generated files like configure and .in files). Changelog entries since current maverick version 0.99.16-1: quagga (0.99.17-1) unstable; urgency=high * SECURITY: "This release provides two important bugfixes, which address remote crash possibility in bgpd discovered by CROSS team.": 1. Stack buffer overflow by processing certain Route-Refresh messages CVE-2010-2948 2. DoS (crash) while processing certain BGP update AS path messages CVE-2010-2949 Closes: #594262 -- Christian Hammers <c...@debian.org> Wed, 25 Aug 2010 00:52:48 +0200 ** Affects: quagga (Ubuntu) Importance: Wishlist Status: New ** Changed in: quagga (Ubuntu) Importance: Undecided => Wishlist ** Changed in: quagga (Ubuntu) Status: New => Confirmed ** Changed in: quagga (Ubuntu) Status: Confirmed => New ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2948 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2949 -- Sync quagga 0.99.17-1 (main) from Debian unstable (main) https://bugs.launchpad.net/bugs/625740 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to quagga in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs