Accepted quagga 0.99.21-3~bpo60+2 (source amd64 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 11 Nov 2013 23:36:58 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: source amd64 all
Version: 0.99.21-3~bpo60+2
Distribution: squeeze-backports
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description:
quagga - BGP/OSPF/RIP routing daemon
quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
quagga-doc - documentation files for quagga
Closes: 664033 671916 676510 726724
Changes:
quagga (0.99.21-3~bpo60+2) squeeze-backports; urgency=high
.
* SECURITY:
ospfd: CVE-2013-2236, stack overrun in apiserver
.
the OSPF API-server (exporting the LSDB and allowing announcement of
Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
to an exploitable stack overflow.
.
For this condition to occur, the following two conditions must be true:
- Quagga is configured with --enable-opaque-lsa
- ospfd is started with the "-a" command line option
Closes: #726724
.
quagga (0.99.21-3~bpo60+1) squeeze-backports; urgency=high
.
* Backport of CVE-2012-1820 for squeeze.
.
quagga (0.99.21-3) unstable; urgency=high
.
* SECURITY:
CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
A denial-of-service condition could be caused by an attacker controlling
one of the pre-configured BGP peers. In most cases this means, that the
attack must be originated from an adjacent network. Closes: #676510
.
quagga (0.99.21-2) unstable; urgency=low
.
* Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
original mapage of the babeld package which users might want to
install in parallel as it is slightly more capable. Closes: #671916
.
quagga (0.99.21-1) unstable; urgency=low
.
* New upstream release
- [bgpd] BGP multipath support has been merged
- [bgpd] SAFI (Multicast topology) support has been extended to propagate
the topology to zebra.
- [bgpd] AS path limit functionality has been removed
- [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
protocol has been merged.
- [isisd] a major overhaul has been picked up. Please note that isisd is
STILL NOT SUITABLE FOR PRODUCTION USE.
- a lot of bugs have been fixed
* Added watchquagga daemon.
* Added DEP-3 conforming patch comments.
.
quagga (0.99.20.1-1) unstable; urgency=high
.
* SECURITY:
CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
* New upstream release. Closes: #664033
Checksums-Sha1:
85bcf828b1b4cd1f0d03c7123b45b8eba96e3401 1365 quagga_0.99.21-3~bpo60+2.dsc
710a260168cb4c4334bed7848e91bffa1fdc9954 1572264 quagga_0.99.21.orig.tar.xz
9326285caae80e2f43a53dec11e7f4f985c078c0 41416 quagga_0.99.21-3~bpo60+2.debian.tar.gz
49497f1f0dd0729dde1c0c8a86a01055be717802 1845018 quagga_0.99.21-3~bpo60+2_amd64.deb
5ed5961fd8ec1459fb68ddbba7dd3d1a46383799 1888016 quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
eb189fc72fb733679c9dd8ec4a8edd21bb6f3b4b 649270 quagga-doc_0.99.21-3~bpo60+2_all.deb
Checksums-Sha256:
6800a348c24e9627fafbaa77586846b1954d98c6aa0542d31d7a89e6709a9b72 1365 quagga_0.99.21-3~bpo60+2.dsc
87329c3d9d4e5c0a74812e725026560c477f610eec9771e67baf513da0357246 1572264 quagga_0.99.21.orig.tar.xz
3dcf4e7339cc551f7816ed35df000273cadf9ce59d8d86409a8b31ed8a31ab10 41416 quagga_0.99.21-3~bpo60+2.debian.tar.gz
5d9b8db846ff52c32455366287e579168b87b57f576bc080b1f4f3596f4dc008 1845018 quagga_0.99.21-3~bpo60+2_amd64.deb
190974afa8da2aac55cabc486a3efba30875916b1bfba3db7a753dca3bf23c0d 1888016 quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
8a65f38e8cb68c6d6c11bd50f4adaa77faf6b095bb26923c5b77c7171c949707 649270 quagga-doc_0.99.21-3~bpo60+2_all.deb
Files:
35aef2c2eb1f89d130cfa70d3870712e 1365 net optional quagga_0.99.21-3~bpo60+2.dsc
0980758b1865b9aa0c60975120bf3453 1572264 net optional quagga_0.99.21.orig.tar.xz
4d1fb0692acbc0e8ec4bd21b3802d2f7 41416 net optional quagga_0.99.21-3~bpo60+2.debian.tar.gz
ac76879772601f202bf5be310e0e860b 1845018 net optional quagga_0.99.21-3~bpo60+2_amd64.deb
8b4cff2b49b7c36bc8583d09f268ec27 1888016 debug extra quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
3552b58a3668b02b8cebbecca99e768f 649270 net optional quagga-doc_0.99.21-3~bpo60+2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlKBaUgACgkQkR9K5oahGOaJmQCgzlbXcc6ZKMgDpk6CoLGIxalx
hMIAn18k9f2q4YLnn7y0Pm0iML0r1ELU
=5U7D
-----END PGP SIGNATURE-----
Reply to: