Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: source amd64 all
Version: 0.99.21-4+wheezy2
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description:
 quagga - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes:
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724