-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 14:28:25 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: i386
Version: 0.99.10-1lenny6
Distribution: lenny-security
Urgency: high
Maintainer: i386 Build Daemon (murphy) <buildd_i386-murphy@buildd.debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.10-1lenny6) lenny-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 598a00b4428579ba7741f33c873087533372bcbb 1610352 quagga_0.99.10-1lenny6_i386.deb
Checksums-Sha256: 
 e7f4248bfe841fc9c3f25a6b448de64173ad5ac2c2e00b0e10880706f0e159b9 1610352 quagga_0.99.10-1lenny6_i386.deb
Files: 
 5ae26c32671f72fa6d577c772e996b2d 1610352 net optional quagga_0.99.10-1lenny6_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOi2w9AAoJELdq5EKse8nB8BgP/2mWUH9zxM4jD2pOQwILbi//
miVteo7N2796WMSSJzj40wdhChXc74LCw3+yAlrjlRle62Vtb5U03d7SUHr9ak0O
/AS/c8I7TTPcUT9BckJAp8sBi1YqUB+K8Jdu/IkxKgUfxQ18Ysp9QzmEiJHybLQU
lm6HizC1la51LQoPoW6dqxsq3UckiLOMkdm2R5QKbAsiGCn7bcRYM29HbT9InaZT
kJDM+/GwP8xh/UK8qoQUw8JEzO+QWTGZDMvSpHYTYXuvANczkstDyMe0F4X3LskH
+H/gMuZYI/DR0p1hvQo+49ovKVGO8m0MB73ZvtZ8bQ2dPeFXwXP6hcNP8WVDISXM
/PCB1GRdEFFLKfBd2SqTastGChov40ZOfv4DBxU5cpeRBuVBNV58Bzfkbd+IDs6C
lT0lpP5msHwk+8lbDg82tx094iBKYWlTrDqBhasUvxOfmEGbNeGSHuG6MeHLx88f
G3pxLLnfqQsAUk3nMa++MdPB2UW3EoZPI1O563OdCFRSYvpm+zsjGPjTJEY/KqNe
Wm185jaLWYeZ1HyeJKiE9Ef6QVVIscAasKGagFcQLD1PSZTyxM8DSm7g1TSh5Agw
ywhRsR09C2Kb/T3QYFr50jROD5uThuG1VuxkDB/gA41CamsnJ3NbH/OxX91mzo+5
7/r6H1dkA5RDfezBbf4+
=9crj
-----END PGP SIGNATURE-----