Publishing details

• Published on 2018-03-10

Changelog

quagga (1.1.1-3+deb9u2) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * bgpd/security: invalid attr length sends NOTIFY with data overrun
    (CVE-2018-5378)
    Security issue: Quagga-2018-0543
  * bgpd/security: Fix double free of unknown attribute (CVE-2018-5379)
    Security issue: Quagga-2018-1114
  * bgpd/security: debug print of received NOTIFY data can over-read msg array
    (CVE-2018-5380)
    Security issue: Quagga-2018-1550
  * bgpd/security: fix infinite loop on certain invalid OPEN messages
    (CVE-2018-5381)
    Security issue: Quagga-2018-1975

 -- Salvatore Bonaccorso <email address hidden>  Tue, 13 Feb 2018 22:54:57 +0100

Builds

Package files

• quagga_1.1.1-3+deb9u2.debian.tar.xz (35.1 KiB)
• quagga_1.1.1-3+deb9u2.dsc (2.7 KiB)
• quagga_1.1.1.orig.tar.gz (2.1 MiB)