-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 01:00:22 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: i386
Version: 0.99.17-2+squeeze3
Distribution: squeeze-security
Urgency: high
Maintainer: i386 Build Daemon (murphy) <buildd_i386-murphy@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.17-2+squeeze3) stable-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 ae9b31ce722760ad72035ac27aafa0d88f86a458 1581402 quagga_0.99.17-2+squeeze3_i386.deb
Checksums-Sha256: 
 b8efa8860ddc2ab5db5b849dff6f19b9fdf9396bb56c291ffe2e464c31ad58d2 1581402 quagga_0.99.17-2+squeeze3_i386.deb
Files: 
 da56c3b63ced3e368b7146d5fa5e0d75 1581402 net optional quagga_0.99.17-2+squeeze3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOiDuSAAoJELdq5EKse8nBvSgQAMur7dh9ZGzTER4JZ20EbQMe
pdOs7fkYfXuxzQXkfykPZMMOrrN6jhCe0lADc0VBd4XJuJ06PdkfWBss0fwiMUWO
HgCBARPC4ei6kkJtlTlCu9fZ1GseBHVyX3K/RVU1kN2K36Y8/rTQC9yahNG4QDP7
sbacOIJZuGNqbRNjYau4qKqc1iFU96WV4sNguz8SEwn8oFyFsM3S4MaKivUcnCcj
b0Vw6OLMSnjHptpSZfUE7VlgmCgcwvlZM0wwJWsT/Tydf22W+fugXt9+K1Uhlbiv
LqU3zUJ/xDyfceo4CAHzHD7uI1V4v3cA989vaG2H0fPf4rLWGLNUjtZPmHHs0Efk
/DPRAfcBg3a02FcjvaJ1Rb/zXNzpd/hOmijGxQXv8Jv1GgxkfSUQEFqSLtOsYVCE
oitoXhBTtX5pB4JD4VMwI2TMVGXNXped2onD6syxCAXAFPjM64AQDJDVxV165TtK
XWY08U3D3QTl0jsSdxgqV3bNqj7qK+D4YdJI6iqV/p7R/mpyqZe9ZUVgnsDaLYfZ
fSV1BLcAjyrjU2deHWZHKYMyOWPxc4EZqlNrHjVkNo7gVpmrvt2/oxw+rM11aiCh
NuTmNjGyXM+YCkOHA1xHQSOAmNqEhaSFN4N+AVJcwS6wTRHyr3YKC3JJIjEtaOPN
p7/kyKA2WIAzg9dPYIJs
=FbfE
-----END PGP SIGNATURE-----