*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Marc Deslauriers
(mdeslaur):
Binary package hint: quagga
The maverick chagelog says:
quagga (0.99.17-1) unstable; urgency=high
* SECURITY:
"This release provides two important bugfixes, which address remote crash
possibility in bgpd discovered by CROSS team.":
1. Stack buffer overflow by processing certain Route-Refresh messages
CVE-2010-2948
2. DoS (crash) while processing certain BGP update AS path messages
CVE-2010-2949
Closes: #594262
-- Christian Hammers <[email protected]> Wed, 25 Aug 2010 00:52:48 +0200
Please upgrade the lucid package to resolve this security issue.
Thanks.
** Affects: quagga (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: quagga (Ubuntu Lucid)
Importance: Medium
Status: Confirmed
** Affects: quagga (Ubuntu Dapper)
Importance: Medium
Status: Confirmed
** Affects: quagga (Ubuntu Hardy)
Importance: Medium
Status: Confirmed
** Affects: quagga (Ubuntu Karmic)
Importance: Medium
Status: Confirmed
--
Upgrade quagga in lucid
https://bugs.edge.launchpad.net/bugs/683958
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
