Accepted quagga 0.99.21-3~bpo60+2 (source amd64 all)

To: debian-backports-changes@lists.debian.org
Subject: Accepted quagga 0.99.21-3~bpo60+2 (source amd64 all)
From: Christian Hammers <ch@debian.org>
Date: Sat, 14 Dec 2013 11:18:12 +0000
Message-id: <[🔎] E1VrnEa-0005NW-Q3@franck.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 11 Nov 2013 23:36:58 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: source amd64 all
Version: 0.99.21-3~bpo60+2
Distribution: squeeze-backports
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 664033 671916 676510 726724
Changes: 
 quagga (0.99.21-3~bpo60+2) squeeze-backports; urgency=high
 .
   * SECURITY:
      ospfd: CVE-2013-2236, stack overrun in apiserver
 .
      the OSPF API-server (exporting the LSDB and allowing announcement of
      Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
      to an exploitable stack overflow.
 .
      For this condition to occur, the following two conditions must be true:
      - Quagga is configured with --enable-opaque-lsa
      - ospfd is started with the "-a" command line option
      Closes: #726724
 .
 quagga (0.99.21-3~bpo60+1) squeeze-backports; urgency=high
 .
   * Backport of CVE-2012-1820 for squeeze.
 .
 quagga (0.99.21-3) unstable; urgency=high
 .
   * SECURITY:
     CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
     A denial-of-service condition could be caused by an attacker controlling
     one of the pre-configured BGP peers. In most cases this means, that the
     attack must be originated from an adjacent network. Closes: #676510
 .
 quagga (0.99.21-2) unstable; urgency=low
 .
   * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
     original mapage of the babeld package which users might want to
     install in parallel as it is slightly more capable. Closes: #671916
 .
 quagga (0.99.21-1) unstable; urgency=low
 .
   * New upstream release
     - [bgpd] BGP multipath support has been merged
     - [bgpd] SAFI (Multicast topology) support has been extended to propagate
       the topology to zebra.
     - [bgpd] AS path limit functionality has been removed
     - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
       protocol has been merged.
     - [isisd] a major overhaul has been picked up. Please note that isisd is
       STILL NOT SUITABLE FOR PRODUCTION USE.
     - a lot of bugs have been fixed
   * Added watchquagga daemon.
   * Added DEP-3 conforming patch comments.
 .
 quagga (0.99.20.1-1) unstable; urgency=high
 .
   * SECURITY:
     CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
     CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
     CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
   * New upstream release. Closes: #664033
Checksums-Sha1: 
 85bcf828b1b4cd1f0d03c7123b45b8eba96e3401 1365 quagga_0.99.21-3~bpo60+2.dsc
 710a260168cb4c4334bed7848e91bffa1fdc9954 1572264 quagga_0.99.21.orig.tar.xz
 9326285caae80e2f43a53dec11e7f4f985c078c0 41416 quagga_0.99.21-3~bpo60+2.debian.tar.gz
 49497f1f0dd0729dde1c0c8a86a01055be717802 1845018 quagga_0.99.21-3~bpo60+2_amd64.deb
 5ed5961fd8ec1459fb68ddbba7dd3d1a46383799 1888016 quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
 eb189fc72fb733679c9dd8ec4a8edd21bb6f3b4b 649270 quagga-doc_0.99.21-3~bpo60+2_all.deb
Checksums-Sha256: 
 6800a348c24e9627fafbaa77586846b1954d98c6aa0542d31d7a89e6709a9b72 1365 quagga_0.99.21-3~bpo60+2.dsc
 87329c3d9d4e5c0a74812e725026560c477f610eec9771e67baf513da0357246 1572264 quagga_0.99.21.orig.tar.xz
 3dcf4e7339cc551f7816ed35df000273cadf9ce59d8d86409a8b31ed8a31ab10 41416 quagga_0.99.21-3~bpo60+2.debian.tar.gz
 5d9b8db846ff52c32455366287e579168b87b57f576bc080b1f4f3596f4dc008 1845018 quagga_0.99.21-3~bpo60+2_amd64.deb
 190974afa8da2aac55cabc486a3efba30875916b1bfba3db7a753dca3bf23c0d 1888016 quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
 8a65f38e8cb68c6d6c11bd50f4adaa77faf6b095bb26923c5b77c7171c949707 649270 quagga-doc_0.99.21-3~bpo60+2_all.deb
Files: 
 35aef2c2eb1f89d130cfa70d3870712e 1365 net optional quagga_0.99.21-3~bpo60+2.dsc
 0980758b1865b9aa0c60975120bf3453 1572264 net optional quagga_0.99.21.orig.tar.xz
 4d1fb0692acbc0e8ec4bd21b3802d2f7 41416 net optional quagga_0.99.21-3~bpo60+2.debian.tar.gz
 ac76879772601f202bf5be310e0e860b 1845018 net optional quagga_0.99.21-3~bpo60+2_amd64.deb
 8b4cff2b49b7c36bc8583d09f268ec27 1888016 debug extra quagga-dbg_0.99.21-3~bpo60+2_amd64.deb
 3552b58a3668b02b8cebbecca99e768f 649270 net optional quagga-doc_0.99.21-3~bpo60+2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iEYEARECAAYFAlKBaUgACgkQkR9K5oahGOaJmQCgzlbXcc6ZKMgDpk6CoLGIxalx
hMIAn18k9f2q4YLnn7y0Pm0iML0r1ELU
=5U7D
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted vcsh 1.20131214-1~bpo70+1 (source all)
Next by Date: Accepted samba 2:3.6.6-6+deb7u2~bpo60+1 (source amd64 all)
Previous by thread: Accepted vcsh 1.20131214-1~bpo70+1 (source all)
Next by thread: Accepted samba 2:3.6.6-6+deb7u2~bpo60+1 (source amd64 all)
Index(es):
- Date
- Thread