[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 662-1] quagga security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : quagga
Version        : 0.99.22.4-1+wheezy3+deb7u1
CVE ID         : CVE-2016-1245
Debian Bug     : 841162

It was discovered that there was stack overrun in IPv6 RA receive code in
quagga, a BGP/OSPF/RIP routing daemon.

The buffer size specified when receiving mixed up two constants that have
different values.

For Debian 7 "Wheezy", this issue has been fixed in quagga version
0.99.22.4-1+wheezy3+deb7u1.

We recommend that you upgrade your quagga packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYBhFxAAoJEB6VPifUMR5YOpIP/175M0cSbS9m6VNzvRmmPbzP
eqfV4e1rFSkTATpdh8dw5UOjzSa8PG8EROpiL1DUxXQRvQ+vh/eEpBcYULOChzDo
bsQSIsV/Is6DiKVGezAVQn4O1Oqwwzm3u/YmzQnQlKZJh/7cscjL75cQnP+q0cdj
uy+fC2J4xoe3tUy2Bl9o8L+nM/V3OCDHNRjQFeT/7u6SfMix0bzMaINSNsbdb7kS
VM+PanwO3y6fsSVUFdf0cA/gdd8eEz/0o/9MKMkyTWQdU5mh6j76w9UTQiEpSqy+
14W4rx9MtdH8An3qy8iLmnQhVxrCbsJ1pFQnipkXfBawgPcgjB8Gw9hZ4Pn2BrtN
haUW0o+yNvKcVk59h12Lz3FkXvR9QIsGaWVJD+mM/2+s/SlOmmp/Iv+q6FgnoytM
XF5tj1eTHQhxJA/xz4T5poqYl3nL4mm5B0Tcsewl4oaTLHHgkDQiyDjHIxhi3AoL
5pjCqe7POrW4cADa7XNqNr5F5mDr6kLlnldEt2YGLkf+xACMhNkArl6wDy2XX2Is
b+J11In1Yh5nhgvwEl6ead9HUe3pNHcNY8isVZgVdKvj6+4s/TvdZp+PL/xDixEu
VjsvdquF63DCo2WhnhQcR658yP+Dd3Xal8VdioGnIwru/pIdQQRMZPPUromKHtI0
VVC/1leGkYvP63mR3L9V
=lKjc
-----END PGP SIGNATURE-----
Reply to: