-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 02 Oct 2011 01:00:22 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: source all amd64
Version: 0.99.17-2+squeeze3
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers
Changed-By: Christian Hammers
Description:
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes:
 quagga (0.99.17-2+squeeze3) stable-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello
       messages are used to initiate adjacencies, exploiting the vulnerability
       may be feasible from the same broadcast domain without an established
       adjacency. A malformed packet may result in denial of service in IPv4
       routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result
       in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result
       in a buffer overflow and disruption of IPv4 routing.