-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 22 Aug 2016 10:27:07 +0200 Source: quagga Binary: quagga quagga-dbg quagga-doc Architecture: source amd64 all Version: 0.99.23.1-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Christian Hammers <ch@debian.org> Changed-By: Hugo Lefeuvre <hle@debian.org> Description: quagga - BGP/OSPF/RIP routing daemon quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols) quagga-doc - documentation files for quagga Closes: 822787 835223 Changes: quagga (0.99.23.1-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-4049: Missing size check in bgp_dump_routes_func in bgpd/bgp_dump.c allowing DoS (Closes: #822787). * CVE-2016-4036: World readable sensitive files in /etc/quagga (Closes: #835223). Checksums-Sha1: 7f66c79b9594eecdd1dd9bab30346314abf1efd0 2166 quagga_0.99.23.1-1+deb8u2.dsc 9db69d23c4d0faccc6ed2bceb2869b3c1433a079 38096 quagga_0.99.23.1-1+deb8u2.debian.tar.xz 22186ceaf9400fcfbc58be4c4488eba88f3d9cb3 1219744 quagga_0.99.23.1-1+deb8u2_amd64.deb b1071490762fded6e84f125d596d8d4701cb578d 1769976 quagga-dbg_0.99.23.1-1+deb8u2_amd64.deb 32cdcf2455813e83edac13148ba26c25477c340f 906702 quagga-doc_0.99.23.1-1+deb8u2_all.deb Checksums-Sha256: e50d554843806d16f5c8aae31df06f05ead7167a772440a83568ca87523c1c14 2166 quagga_0.99.23.1-1+deb8u2.dsc af45ffc8e41253defcb93622d9d9065d941e9b6b9a9e60bc319bb7980a3f59d4 38096 quagga_0.99.23.1-1+deb8u2.debian.tar.xz 98f0a24de2098129860529ac797ebcca9ab5adca189bb2217d7e80494250a975 1219744 quagga_0.99.23.1-1+deb8u2_amd64.deb f2ea03b4c71a836b876a0be8a361d3314d97a16cd6e4f95a40900036984879b5 1769976 quagga-dbg_0.99.23.1-1+deb8u2_amd64.deb 7012ed5c6deec9020ce0849cd2f18975f82d965f28563993b1f60fbff42c0dba 906702 quagga-doc_0.99.23.1-1+deb8u2_all.deb Files: 88ecbdc1ef6d413ea02a41933ac6ca7f 2166 net optional quagga_0.99.23.1-1+deb8u2.dsc 869530531b12abeb41ac84fcaec55b49 38096 net optional quagga_0.99.23.1-1+deb8u2.debian.tar.xz 63acdc53648273dc779c0b5c35b667c3 1219744 net optional quagga_0.99.23.1-1+deb8u2_amd64.deb 013033961f6cc6413cd7463746d4b1fb 1769976 debug extra quagga-dbg_0.99.23.1-1+deb8u2_amd64.deb c9ea14bacb6bc10b307017998f11fc71 906702 net optional quagga-doc_0.99.23.1-1+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXvuHgAAoJEKyQrD7FJAZetJgP/RudEdTOrZUEJ2AstpAg+tej lOtcjNgxrAwZf5xqQzTwBaGzj8Sc7NdqO1RG75nZAUGFNkFrJqqrDdxvRYMcEF+Q cprhkNRyOhHjMouRftrFAc+ByWzXlWVqlJjeTecMipn2zx/B4pf3DO2r3lwIbiJ8 +ksYyhsPTruyJ0Fjvnb6xKOsI4NRPeJEDw4eUrAvkmntVEGcquz2GOyAe0Vnci7t es9mYaQQQpCdU4lr8CGGV3ZB6bia+mr/myD23EgQfL9WR5xp3vqb2mn60hdAxfNC vsCM7tswsbnPn1x054N/ho0Hp51ab38Bef7DF3gJJVr2OT7VO8e9sEbtx6DQI+S6 gdN2Qr2T3w3FhHmY1C9sPRAP7fDcEhVDSRKgiJ/LnvAEJKrNJf2+LgyR4iESsdaA U7INRcQSKr4fE7E01FqsH26mJ3hZu70TLCxiEb+KMK6uxL/0+AFuwCk7Vei/3A4e HwhDcA6y++3VjwzS3KsP8AiSIy5WN/TkElnT8QsLZMnlVbGFkdyjeP4vnN3/ehPp ZqfsA2K5zhOHQhH1vX8pfyIw/Kc2JsDN0lPSgJvXdo4Hqam8mQNmojRWSfASYhhl 3DyI95mShLI3P3xlFFLAJLmHBpVGi+LBqI/sV5jtQSgFt7W5E4EyGqFDXqXrx5xV rkQH8/KnBPz5b63NgVe0 =KH1g -----END PGP SIGNATURE-----