Nom du paquet
quagga
Date
2013-04-10
Advisory ID
MDVSA-2013:122
Affected versions
MBS1 x86_64

Problem description

Updated quagga package fixes security vulnerability:

The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier
allows remote attackers to cause a denial of service (assertion failure
and daemon exit) by leveraging a BGP peering relationship and sending
a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN
message (CVE-2012-1820).

Updated packages

MBS1 x86_64

 ccff198235c967974cf3fbd36357d74b  mbs1/x86_64/lib64quagga0-0.99.20.1-4.1.mbs1.x86_64.rpm
 2f39ea9b9dc6d43d2c5d6f4a52f03199  mbs1/x86_64/lib64quagga-devel-0.99.20.1-4.1.mbs1.x86_64.rpm
 47e58bf9ed528f49b5fc949ee97e3a61  mbs1/x86_64/quagga-0.99.20.1-4.1.mbs1.x86_64.rpm
 8631379a83fbe4414c6a6eed168a3eab  mbs1/x86_64/quagga-contrib-0.99.20.1-4.1.mbs1.x86_64.rpm 
 692575a51b91902aafd594dc1a628660  mbs1/SRPMS/quagga-0.99.20.1-4.1.mbs1.src.rpm

References