lp:ubuntu/natty-security/quagga

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/natty-security/quagga

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

30. By Marc Deslauriers

* SECURITY UPDATE: Update to 0.99.20.1 to fix multiple security issues.
  (LP: #994169)
  - Denial of service via short Link State Update packet
  - Denial of service via short network-LSA link-state advertisement
  - Denial of service via malformed Four-octet AS Number Capability
  - CVE-2012-0249
  - CVE-2012-0250
  - CVE-2012-0255
* debian/control, debian/rules: Remove quagga-dbg package for Natty.
* debian/patches/99_bgpd-fix-memory-leak-for-extra-attributes.diff:
  added fix for a bgpd memory leak related to extra attributes. Thanks to
  Debian for the regression fix.

29. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
  Prefix LSA
  - debian/patches/99_CVE-2011-3323.dpatch: check lengths in
    ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
    ospf6_message.c,ospf6_message.h,ospf6_proto.h}
  - CVE-2011-3323
* SECURITY UPDATE: denial of service via crafted Link-State-Advertisement
  - debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
    ospf6d/ospf6_lsa.c.
  - CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
  - debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
    ospfd/ospf_packet.c.
  - CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisement
  types
  - debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
    in ospfd/ospf_flood.c.
  - CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
  attribute
  - debian/patches/99_CVE-2011-3327.dpatch: properly check size in
    bgpd/bgp_ecommunity.c.
  - CVE-2011-3327

28. By Marc Deslauriers

* SECURITY UPDATE: denial of service via malformed extended communities
  - debian/patches/99_quagga-extcom.dpatch: ignore malformed extended
    communities in bgpd/bgp_attr.c.
  - CVE-2010-1674
* SECURITY UPDATE: denial of service via AS_PATHLIMIT
  - debian/patches/99_no-aspathlimit.dpatch: remove AS_PATHLIMIT support
    in bgpd/bgp_attr.c.
  - CVE-2010-1675

27. By Christian Hammers

Added comment to init script (thanks to Marc Haber). Closes: #599524

26. By Matthias Klose

Fix FTBFS with ld --as-needed.

25. By Christian Hammers

Added Danish Debconf translation (thanks to Joe Dalton). Closes: #596259

24. By Christian Hammers

SECURITY:
"This release provides two important bugfixes, which address remote crash
possibility in bgpd discovered by CROSS team.":
1. Stack buffer overflow by processing certain Route-Refresh messages
CVE-2010-2948
2. DoS (crash) while processing certain BGP update AS path messages
CVE-2010-2949
Closes: #594262

23. By Christian Hammers

* New upstream release. Closes: #574527
* Added chrpath to debian/rules to fix rpath problems that lintian spotted.

22. By Christian Hammers

* New upstream release
  "This fixes some annoying little ospfd and ospf6d regressions, which made
  0.99.14 a bit of a problem release (...) This release still contains a
  regression in the "no ip address ..." command, at least on Linux.
  See bug #486, which contains a workaround patch. This release should be
  considered a 1.0.0 release candidate. Please test this release as widely
  as possible."
* Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
  Closes: #517860
* Added Russian Debconf translation (thanks to Yuri Kozlov).
  Closes: #539464
* Removed so-version in build-dep to libreadline-dev on request of
  Matthias Klose.
* Added README.source with reference to dpatch as suggested by lintian.
* Bumped standards version to 3.8.3.

21. By Christian Hammers

* New upstream release
  "This release contains a number of small fixes, for potentially
  irritating issues, as well as small enhancements to vtysh and support
  for linking to PCRE (a much faster regex library)."
* Added build-dep to gawk as configure required it for memtypes.awk
* Replaced build-dep to gs-gpl with ghostscript as requested by lintian
* Minor changes to copyright and control files to make lintian happy.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/precise/quagga