-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 14:28:25 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: alpha
Version: 0.99.10-1lenny6
Distribution: lenny-security
Urgency: high
Maintainer: alpha Build Daemon (goetz) <buildd_alpha-goetz@buildd.debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.10-1lenny6) lenny-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 e0ea40848183ad2989c46146a930af9839c0bf4d 1904914 quagga_0.99.10-1lenny6_alpha.deb
Checksums-Sha256: 
 33fe1b1df5d4b0aee68e74283ddf1ab463d9052213d211ac64375831ca3175ef 1904914 quagga_0.99.10-1lenny6_alpha.deb
Files: 
 c842b644ee5cad630fa512e98621c763 1904914 net optional quagga_0.99.10-1lenny6_alpha.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJOi22kAAoJEER2w+2N9C+GvJMP+wX5vJFLXQYa0d89YfyPp8NW
m6Z8+WGWMHjak4CDOylcKQiO9iNFobsl92a2iwhD88MNM+aGLAaHgeRN9HYS11AL
zArfnzFwxT8ZOga7TCDRsxlFTz8rLkpshbcRFVT1u4MsEpftPySdLbPXXtYBk8eP
ueokKSWmBy6RW6Fyc84ROdINZDKKNyHgWLELrkauNjxJgpYQxprrfRoX+aSfhcyV
eRcNBIvf+zdy0BPFoMR15ucYdBzStGYJilUrWQ1KCXLgnBpoVMayqlKNg/MS54Rz
G1Ti/U8FniYfw3tq5UCW+6Swm3I1r01ER0xRrCh3oikDNy8R3KXkieIPMi0bFIfN
Yu7Qg+vWcNlBS+hI0I+QsACnGuuNT3jZQ8gtqHiE0gGCIcG4zgBYx3iTQNSM9Cdr
+VCEsErHcPQCeczdsC8/OHHuuXo5+VFXQ74+q0ZuL2bl1BE/giEL9ix3hJNbDwzD
r+NIvm7CgKl269ynIH9CxmOkNIAt5FwOExmJL1KxVLt4f7K4pkDpZCOJvaWk18+Y
mKqogmMSNLgqrCiLV2VcNsm8gUIcG8Ntwk0y3B3+F6eZVDxA7fYMW13N+j8tCPRM
MzqkEM/sxd4F0z5GVlLUqyCA6YtHAO6MuyRy9eq/PSHUWKoP1s/cyMA2YSkFSCp1
gWfSAVErJM24CC7Ui4tm
=R7O8
-----END PGP SIGNATURE-----