Ubuntu

Change logs for “quagga” source package in Hardy

  • quagga (0.99.9-2ubuntu1.5) hardy-security; urgency=low
    
      * SECURITY UPDATE: denial of service via malformed extended communities
        - debian/patches/99_quagga-extcom.dpatch: ignore malformed extended
          communities in bgpd/bgp_attr.c.
        - CVE-2010-1674
      * SECURITY UPDATE: denial of service via AS_PATHLIMIT
        - debian/patches/99_no-aspathlimit.dpatch: remove AS_PATHLIMIT support
          in bgpd/bgp_attr.c.
        - CVE-2010-1675
     -- Marc Deslauriers <email address hidden>   Wed, 23 Mar 2011 14:44:40 -0400
  • quagga (0.99.9-2ubuntu1.4) hardy-security; urgency=low
    
      * SECURITY UPDATE: denial of service and possible arbitrary code
        execution via malformed Outbound Route Filtering (ORF) record
        - debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
          bgpd/bgp_packet.c.
        - CVE-2010-2948
      * SECURITY UPDATE: denial of service via unknown AS type
        - debian/patches/91_CVE-2010-2949.dpatch: check segment types and
          lengths in bgpd/bgp_aspath.c.
        - CVE-2010-2949
     -- Marc Deslauriers <email address hidden>   Thu, 11 Nov 2010 14:46:19 -0500
  • quagga (0.99.9-2ubuntu1.3) hardy-security; urgency=low
    
      * SECURITY UPDATE: fix regressions introduced by back-ported
        4-byte ASN patch (LP: #384193).
    
     -- Kees Cook <email address hidden>   Mon, 08 Jun 2009 11:20:45 -0700
  • quagga (0.99.9-2ubuntu1.2) hardy-security; urgency=low
    
      * SECURITY UPDATE: denial of service with multiple AS numbers.
        - debian/patches/99_as4-crash-fix.dpatch: backported upstream fixes
          thanks to Chris Caputo and Florian Weimer.
        - CVE-2009-1572 (LP: #372757)
    
     -- Kees Cook <email address hidden>   Wed, 06 May 2009 11:14:39 -0700
  • quagga (0.99.9-2ubuntu1.1) hardy-proposed; urgency=low
    
      * debian/patches/20_bgp-md5.dpatch
        - Update md5 patch using a more recent version posted to the
          quagga-dev mailing list. (LP: #176015)
    
     -- Chuck Short <email address hidden>   Fri, 09 May 2008 14:04:54 -0400
  • quagga (0.99.9-2ubuntu1) hardy; urgency=low
    
      * Merge from debian unstable, remaining changes:
        - debian/rules: use bash as shell
        - debian/quagga.prerm: handle upgrades more gracefully
        - debian/patches/20_bgp-md5.dpatch: update md5 patch using a recent
           version posted to quagga-dev mailing list.
           Dropped 15_ht-bgp-md5__configure.dpatch,
           20_ht-20061217-0.99.6-bgp-md5.dpatch as both are integrated in
           the updated md5 patch.
      * Dropped:
        - debian/patches/81_32bit_u64.dpatch,83_ifaddr_defs.dpatch: not needed
          anymore.
    
    quagga (0.99.9-2) unstable; urgency=low
    
      * Added CVE id for the security bug to the last changelog entry.
        Closes: 442133
    
     -- Mathias Gug <email address hidden>   Tue, 20 Nov 2007 18:40:41 -0500
  • quagga (0.99.9-1ubuntu2) gutsy; urgency=low
    
      * Trigger rebuild for hppa
    
     -- LaMont Jones <email address hidden>   Thu, 04 Oct 2007 12:22:43 -0600