lp:ubuntu/maverick-security/quagga
- Get this branch:
- bzr branch lp:ubuntu/maverick-security/quagga
Recent revisions
- 26. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of service via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327
- 25. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via malformed extended communities
- debian/patches/99_quagga-extcom.dpatch: ignore malformed extended
communities in bgpd/bgp_attr.c.
- CVE-2010-1674
* SECURITY UPDATE: denial of service via AS_PATHLIMIT
- debian/patches/99_no-aspathlimit.dpatch: remove AS_PATHLIMIT support
in bgpd/bgp_attr.c.
- CVE-2010-1675
- 24. By Christian Hammers
-
SECURITY:
"This release provides two important bugfixes, which address remote crash
possibility in bgpd discovered by CROSS team.":
1. Stack buffer overflow by processing certain Route-Refresh messages
CVE-2010-2948
2. DoS (crash) while processing certain BGP update AS path messages
CVE-2010-2949
Closes: #594262
- 23. By Christian Hammers
-
* New upstream release. Closes: #574527
* Added chrpath to debian/rules to fix rpath problems that lintian spotted.
- 22. By Christian Hammers
-
* New upstream release
"This fixes some annoying little ospfd and ospf6d regressions, which made
0.99.14 a bit of a problem release (...) This release still contains a
regression in the "no ip address ..." command, at least on Linux.
See bug #486, which contains a workaround patch. This release should be
considered a 1.0.0 release candidate. Please test this release as widely
as possible."
* Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
Closes: #517860
* Added Russian Debconf translation (thanks to Yuri Kozlov).
Closes: #539464
* Removed so-version in build-dep to libreadline-dev on request of
Matthias Klose.
* Added README.source with reference to dpatch as suggested by lintian.
* Bumped standards version to 3.8.3.
- 21. By Christian Hammers
-
* New upstream release
"This release contains a number of small fixes, for potentially
irritating issues, as well as small enhancements to vtysh and support
for linking to PCRE (a much faster regex library)."
* Added build-dep to gawk as configure required it for memtypes.awk
* Replaced build-dep to gs-gpl with ghostscript as requested by lintian
* Minor changes to copyright and control files to make lintian happy.
- 20. By Christian Hammers
-
* New upstream release
"This release fixes an urgent bug in bgpd where it could hit an assert
if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
+ [bgpd] Fix bgp ipv4/ipv6 accept handling
+ [bgpd] AS4 bugfix by Chris Caputo
+ [bgpd] Allow accepted peers to progress even if realpeer is in Connect
+ [ospfd] Switch Fletcher checksum back to old ospfd version
- 19. By Florian Weimer
-
* Apply patch from Chris Caputo to fix AS4 crash.
* Fix FTBFS due to changed ImageMagick convert command, option -dither.
- 18. By Christian Hammers
-
* New upstream release
"Most regressions in 0.99 over 0.98 are now believed to be fixed. This
release should be considered a release-candidate for a new stable series."
+ bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
+ zebra: ignore dead routes in RIB update
+ [ospfd] Default route needs to be refreshed after neighbour state change
+ [zebra:netlink] Set proto/scope on all route update messages
* Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
- 17. By Christian Hammers
-
Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
Closes: #469891
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/quagga