Accepted quagga 0.99.17-2+squeeze3 (source all amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 02 Oct 2011 01:00:22 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: source all amd64
Version: 0.99.17-2+squeeze3
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description:
quagga - BGP/OSPF/RIP routing daemon
quagga-doc - documentation files for quagga
Changes:
quagga (0.99.17-2+squeeze3) stable-security; urgency=high
.
* SECURITY:
This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
- The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
modified Database Description and Link State Update messages,
respectively, can result in denial of service in IPv6 routing.
- The vulnerability CVE-2011-3325 is a denial of service vulnerability
related to Hello message handling by the OSPF service. As Hello messages
are used to initiate adjacencies, exploiting the vulnerability may be
feasible from the same broadcast domain without an established adjacency.
A malformed packet may result in denial of service in IPv4 routing.
- The vulnerability CVE-2011-3326 results from the handling of LSA (Link
State Advertisement) states in the OSPF service. Receiving a modified
Link State Update message with malicious state information can result in
denial of service in IPv4 routing.
- The vulnerability CVE-2011-3327 is related to the extended communities
handling in BGP messages. Receiving a malformed BGP update can result in
a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1:
cd2430a7faab2afb44cc78ab679533cdb93e7c2e 1624 quagga_0.99.17-2+squeeze3.dsc
5c0bc04e6fe80318a4dce1dd8c2a6aaaeeb7f4fc 47280 quagga_0.99.17-2+squeeze3.diff.gz
7f3711cc1caa2d71c44b8d76e55588262b0bae01 608902 quagga-doc_0.99.17-2+squeeze3_all.deb
905d9449b70111bf36a8807d51bbd0880bca3590 1723612 quagga_0.99.17-2+squeeze3_amd64.deb
Checksums-Sha256:
dcc3eaa9500b4741d0f86920f1b1fd8d144ff4fb447892f9d52ddc35a766f312 1624 quagga_0.99.17-2+squeeze3.dsc
4f21dc046accfad851685ef9d3d9dd2f465cca999f15af91523224cda614d644 47280 quagga_0.99.17-2+squeeze3.diff.gz
5f9f0cbbc9b1a3b2f6473647764618bca99d1f94f0848c87e11e9f5535c92522 608902 quagga-doc_0.99.17-2+squeeze3_all.deb
6cd36898c9bca5d387e0631ee19a2238a97d667cc9932bf3fd78865c682ff07f 1723612 quagga_0.99.17-2+squeeze3_amd64.deb
Files:
2e962666da02bf0ac7ed0f09e4827b6d 1624 net optional quagga_0.99.17-2+squeeze3.dsc
ab1b3ee7fc6206ff378165de880af5c0 47280 net optional quagga_0.99.17-2+squeeze3.diff.gz
762b3eaee9e6e4d7c5c1d37a1cdd5127 608902 doc optional quagga-doc_0.99.17-2+squeeze3_all.deb
d4de5274e5bad804ee57249b8dfe7c48 1723612 net optional quagga_0.99.17-2+squeeze3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJOiDpcAAoJEL97/wQC1SS+8NYIAKhFD90gWaZn+q71xly4j725
qQY55gJBCu9Bu8XMAuSw1/K6gPwl7plP6/xceFevh/NT/eFkIIaudv7+2T1GISMU
k/FbgiluoTkPWIiOM1GGU0LYXjT4Y2rI/4AF1F3oWKB8deiLX+GRnOvoCU9GMEbG
Vzz2lqAX5UqHJNGUjGeILo4nff7g8Vqs+Tj/Ith5DbnLGi9Pe6LcDqsNAa5K+rF4
UYkDfHRsWAKEoLxroNHHOmhZLMEd5m2YAX4RSCq+4XY9L9MRu8TWX5vZvQHNDJLN
NDgM59tSDC5a+/eyHsRdbsmYScYIq77slOnSa27Nt7e5XPL40YiAG3NCyHhHTAU=
=sRKC
-----END PGP SIGNATURE-----
Accepted:
quagga-doc_0.99.17-2+squeeze3_all.deb
to main/q/quagga/quagga-doc_0.99.17-2+squeeze3_all.deb
quagga_0.99.17-2+squeeze3.diff.gz
to main/q/quagga/quagga_0.99.17-2+squeeze3.diff.gz
quagga_0.99.17-2+squeeze3.dsc
to main/q/quagga/quagga_0.99.17-2+squeeze3.dsc
quagga_0.99.17-2+squeeze3_amd64.deb
to main/q/quagga/quagga_0.99.17-2+squeeze3_amd64.deb
Reply to: