* SECURITY UPDATE: Update to 0.99.20.1 to fix multiple security issues.
(LP: #994169)
- Denial of service via short Link State Update packet
- Denial of service via short network-LSA link-state advertisement
- Denial of service via malformed Four-octet AS Number Capability
- CVE-2012-0249
- CVE-2012-0250
- CVE-2012-0255
* debian/control, debian/rules: Remove quagga-dbg package for Oneiric.
* debian/patches/99_bgpd-fix-memory-leak-for-extra-attributes.diff:
added fix for a bgpd memory leak related to extra attributes. Thanks to
Debian for the regression fix.
-- Marc Deslauriers <email address hidden> Sat, 05 May 2012 17:03:18 -0400
This bug was fixed in the package quagga - 0.99.20. 1-0ubuntu0. 11.10.2
--------------- 1-0ubuntu0. 11.10.2) oneiric-security; urgency=low
quagga (0.99.20.
* SECURITY UPDATE: Update to 0.99.20.1 to fix multiple security issues. patches/ 99_bgpd- fix-memory- leak-for- extra-attribute s.diff:
(LP: #994169)
- Denial of service via short Link State Update packet
- Denial of service via short network-LSA link-state advertisement
- Denial of service via malformed Four-octet AS Number Capability
- CVE-2012-0249
- CVE-2012-0250
- CVE-2012-0255
* debian/control, debian/rules: Remove quagga-dbg package for Oneiric.
* debian/
added fix for a bgpd memory leak related to extra attributes. Thanks to
Debian for the regression fix.
-- Marc Deslauriers <email address hidden> Sat, 05 May 2012 17:03:18 -0400