merge 664033 668610 found -1 0.99.17-2+squeeze3 retitle -1 quagga 0.99.20.1: CVE-2012-0249, CVE-2012-250, CVE-2012-0255 stop
Hello It's not yet fixed in stable. And it affects the following three CVEs: CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message I'll see if I can backport the patches. squeeze-backports and testing and unstable already have a fixed version. bye, -christian- Am Fri, 13 Apr 2012 14:58:05 +0200 schrieb Moritz Muehlenhoff <muehlenh...@univention.de>: > Package: quagga > Severity: grave > Tags: security > > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0255 > > Patch: > http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=5861739f8c38bc36ea9955e5cb2be2bf2f482d70 > > Cheers, > Moritz > > -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
