Re: Freeze exception for quagga

To: "Christian Hammers" <ch@lathspell.de>
Cc: debian-release@lists.debian.org, fw@debian.org
Subject: Re: Freeze exception for quagga
From: Marc 'HE' Brockschmidt <he@ftwca.de>
Date: Sun, 29 Aug 2010 09:34:11 +0200
Message-id: <[🔎] 87mxs5g9e4.fsf@solon.marcbrockschmidt.de>
In-reply-to: <[🔎] 8200372f16e0cd82a28b1b1d0f71f65a.squirrel@mail3.westend.com> (Christian Hammers's message of "Sat, 28 Aug 2010 22:14:28 +0200 (CEST)")
References: <[🔎] 8200372f16e0cd82a28b1b1d0f71f65a.squirrel@mail3.westend.com>

"Christian Hammers" <ch@lathspell.de> writes:
> The package built fine so far and is 2 days old. Changelog is:
>
>  quagga (0.99.17-1) unstable; urgency=high
>  .
>    * SECURITY:
>      "This release provides two important bugfixes, which address remote
> crash
>      possibility in bgpd discovered by CROSS team.":
>      1. Stack buffer overflow by processing certain Route-Refresh messages
>         CVE-2010-2948
>      2. DoS (crash) while processing certain BGP update AS path messages
>         CVE-2010-2949
>      Closes: #594262

Unblocked. In the future, targetted fixes instead of new upstream
releases would be more than helpful.

Marc
-- 
BOFH #343:
The ATM board has run out of 10 pound notes.  We are having a whip
round to refill it, care to contribute ?

Attachment: pgpPoKX7nthAZ.pgp
Description: PGP signature

Reply to:

References:
- Freeze exception for quagga
  - From: "Christian Hammers" <ch@lathspell.de>

Prev by Date: Re: Approval of octave3.2 3.2.4-7
Next by Date: potential freeze-exception for phpmyadmin/3.3.6-1
Previous by thread: Freeze exception for quagga
Next by thread: Approval of octave3.2 3.2.4-7
Index(es):
- Date
- Thread