lp:ubuntu/edgy-updates/quagga
- Get this branch:
- bzr branch lp:ubuntu/edgy-updates/quagga
Branch merges
Branch information
Recent revisions
- 10. By Stephan RĂ¼gamer
-
* SECURITY UPDATE: A bgpd could be crashed if a peer sent a malformed
OPEN message or a malformed COMMUNITY attribute. Only configured peers can
do this.
* debian/patches/ 92_ubuntu_ fix_dos_ malformed_ community. dpatch: patch to fix
the DoS. Latest unstable debian package is 0.99.9 which fixes this
upstream
* References: (LP: #139569)
CVE-2007-4826 - 9. By Kees Cook
-
* SECURITY UPDATE: configured peers can cause denial of service.
* debian/patches/ 91_fix_ peer_assert. dpatch: upstream fixes via Debian.
* References
CVE-2007-1995 - 8. By Martin Pitt
-
debian/
patches/ 81_32bit_ u64.dpatch: lib/zebra.h: Define __u64 as uint64_t
before including the netlink headers, since that symbol does not exist by
default on 32 bit arches. Fixes i386/powerpc FTBFS. - 7. By Christian Hammers
-
* Recreate /var/run if not present because /var is e.g. on a tmpfs
filesystem (thanks to Martin Pitt). Closes: #376142
* Removed nonexistant option from ospfd.8 manpage (thanks to
David Medberry). Closes: 378274 - 6. By Martin Pitt
-
* Merge from debian unstable; remaining Ubuntu change:
- debian/quagga. init.d: Create /var/run/quagga/ - 5. By Martin Pitt
-
* SECURITY UPDATE: Remote route injection, authentication bypass, remote
DoS.
* Add debian/patches/ 81_ripv1_ injection. dpatch:
- When RIPv2 authentication is required, disable RIPv1 or require
authentication as well (remote attackers could get routing information
by sending RIPv1 requests). [CVE-2006-2223]
- Enforce RIPv2 authentication requirements (remote attackers could
modify routing state via RIPv1 RESPONSE packets). [CVE-2006-2224]
- Patch taken from CVS head, see
http://bugzilla. quagga. net/show_ bug.cgi? id=262
* Add debian/patches/ 82_sh_ip_ bgp_loop. dpatch:
- Fix infinite loop with special invalid 'sh ip bgp' command.
[CVE-2006-2276]
- Patch ported from 0.99.4. - 4. By Scott James Remnant (Canonical)
-
Create /var/run/quagga with the correct permissions, missed as it's
hidden in a very messy preinst - 3. By Scott James Remnant (Canonical)
-
Create /var/run/quagga in the init script if it doesn't exist.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/quagga