"Christian Hammers" <ch@lathspell.de> writes: > The package built fine so far and is 2 days old. Changelog is: > > quagga (0.99.17-1) unstable; urgency=high > . > * SECURITY: > "This release provides two important bugfixes, which address remote > crash > possibility in bgpd discovered by CROSS team.": > 1. Stack buffer overflow by processing certain Route-Refresh messages > CVE-2010-2948 > 2. DoS (crash) while processing certain BGP update AS path messages > CVE-2010-2949 > Closes: #594262 Unblocked. In the future, targetted fixes instead of new upstream releases would be more than helpful. Marc -- BOFH #343: The ATM board has run out of 10 pound notes. We are having a whip round to refill it, care to contribute ?
Attachment:
pgpPoKX7nthAZ.pgp
Description: PGP signature