Control: retitle -1 quagga-bgpd: CVE-2017-16227: BGP session termination due to rather long AS paths in update messages
On Sun, Oct 22, 2017 at 01:48:13AM +0200, Christoph Biedl wrote: > Package: quagga-bgpd > Version: 1.1.1-3 > Severity: important > Tags: security upstream > > Dear Maintainer, > > there is a longstanding bug in quagga where certain BGP update messages > cause a quagga bgpd to drop a session, possibly resulting in loss of > network connectivity. I requested a CVE and it got assigned CVE-2017-16227. Will look into preparing update for jessie and stretch. Regards, Salvatore
