Security Information / 2016 / Security Information -- DSA-3695-1 quagga

Debian Security Advisory

DSA-3695-1 quagga -- security update

Date Reported:

18 Oct 2016

Affected Packages:

quagga

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 841162.
In Mitre's CVE dictionary: CVE-2016-1245.

More information:

It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages.

For the stable distribution (jessie), this problem has been fixed in version 0.99.23.1-1+deb8u3.

We recommend that you upgrade your quagga packages.