-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 14:28:25 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: hppa
Version: 0.99.10-1lenny6
Distribution: lenny-security
Urgency: high
Maintainer: hppa Build Daemon (peri) <buildd_hppa-peri@buildd.debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.10-1lenny6) lenny-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 c682cd268d39565bbe156601626b88890374871d 1686098 quagga_0.99.10-1lenny6_hppa.deb
Checksums-Sha256: 
 55e5f912f9adc0ac3f2d8f0412c508afcc45a3365129a79219dbde4ec39d8b74 1686098 quagga_0.99.10-1lenny6_hppa.deb
Files: 
 9ed5d58ad282ba3332398c0f4b5f6ec2 1686098 net optional quagga_0.99.10-1lenny6_hppa.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJOi282AAoJEDnMszRyb57UvvMP/jxsh8FZGOMhq39SMRcy+jWq
s9PPsTSllj2JnasQKnwmm1Ce9z4XCU7Eabd1372EEnA1Es7CmP8rUOSls0ymt7EG
tXZRjBKHTLOsJjNdodtg8dkLHVIZMrd8VWAVJO8MiHrS0lSTZqieAW73q4KFswBr
h+tI0SO0i5IHaAPjH3UkkYjJd1O/4c5NkkzuDwk0UU00C/Id7v3ZosRqHNZI+olE
qXry6rK5ffGegmU0bnzhlTmCDHIlEADbFcMx3ycAcvbmLh8SCOAzCsWxk9rAK4aN
/L0mFTv37yXHtakZvah07Gv6TZpRb7m+3ZwdvgyX2XRHucTi5OpDsopGmA7IwEdP
tn+IEOqglsnb6Uw9WZWG9495RcBCZrxG1RcxL/jQLGlI9TssvWu+dg8dGJ9Vtdzn
lZv+2TbFTwXSySQ9CzuTrSc53uu+z153sxtLreLRl+fYVvF3UFHXa+T+KiXHqD7N
h+R9oYWIcUh8HLxlAyvsINlmKznKVPuZ+fyb6CYqWkAvffLG3kJZEudBI77mD5tN
TVgJR6RpiygfTjevA29vfDUGOXTf5ufRjgx9sULT5UL0VBM9Rkn4qbe3KWoSrXbB
U3R3nK6sPadZ9tlZQiGFLRLASwxfgbRSOOXuJEIhCC1gLOQmpjhbFjBeIdGwQP0B
+AoJXv9rjLHGm/eskA+7
=R3vg
-----END PGP SIGNATURE-----