-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 01:00:22 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: ia64
Version: 0.99.17-2+squeeze3
Distribution: squeeze-security
Urgency: high
Maintainer: ia64 Build Daemon (mundy) <buildd_ia64-mundy@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.17-2+squeeze3) stable-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 374dbfa92dbd4bf4ead8bb2da02435c43916b77c 2262046 quagga_0.99.17-2+squeeze3_ia64.deb
Checksums-Sha256: 
 6825fc1d77652113762c3c39b35737c7ce08019b7e243decca0b663844328114 2262046 quagga_0.99.17-2+squeeze3_ia64.deb
Files: 
 3388ede567cad3ed4cd802081625627d 2262046 net optional quagga_0.99.17-2+squeeze3_ia64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOiD0wAAoJEHzOw5eW+kj08S8P/2ojpAD+hZrfFgJDggITDKyB
1ECjOGUj78hX0Lsk/FPcgn84aIwlNh8K6L4naJ/+GyrKUWiL+q1X/fP9UT6qgqoO
zM/wGgxdgu0SeRa1h40i1Tskg0ZqMaJ0skO2hOD0eac1JHUxzd4DVim0weLHgljL
JMPgFvOsfJyFoUXjsxy+P9sF/ZsBjiUoUvOefYNWKL0XdvVsBMCrF0agZfERD3F3
C9rjn4ghZ43Dew0Ej5b90Dl1SRLnmpgeDLcLaxFHfnqfl6HYaCz6Mfj8AU2iIGOG
+15vjKfQj+2o1w48PGUo1Jexr/YdmmSZD9hhKVOYgyi6Y+UGFSn1QsByQn8yLHVk
UX73YAGMjHnYA8+6EOHXhartRXjlQo3apl+7b/LCAE+sKVsVWVbjy3GNG0+wvOgG
3l27Dxx8ja+DfRSihpeZvq170Bsw9cP+aqgy4l1BEx8o5l9P9yT7Yy1suaDqoDS/
06tAor2wjOc6Wf/K+wWmtbSJ++SM8oy/6AFfS8OWZ66EglIKvcX06R7C9RFklelr
RtPrJzIlC5w/NB/xkSZqFG3ccJ94q98EZnYdS2weg01mT4Ae/XWBEFA/byrTew+j
pEWQY1d3JF3I7B1D9QsAYYxeAOefY9pIA9lwAu9MaCBHIalTYdDaiVKBgWFMZFI5
3yJg0G36AydOpvnOpaxx
=Xr5x
-----END PGP SIGNATURE-----