-
quagga (1.1.1-1ubuntu0.1) zesty-security; urgency=medium
* SECURITY UPDATE: DoS via BGP UPDATE messages
- debian/patches/CVE-2017-16227.patch: fix AS_PATH size calculation for
long paths in bgpd/bgp_aspath.c.
- CVE-2017-16227
-- Marc Deslauriers <email address hidden> Mon, 30 Oct 2017 10:23:24 -0400
-
quagga (1.1.1-1) unstable; urgency=low
* SECURITY:
- New upstream bugfix release, fixes CVE-2017-5495 (Closes: #852454).
* Remove patch disabling debug print statements; fixed upstream.
* Update libquagga0.symbols for libzebra SONAME bump.
-- Scott Leggett <email address hidden> Fri, 27 Jan 2017 10:48:50 +1100
-
quagga (1.1.0-3) unstable; urgency=low
* Update .service file patch (Closes: #849953).
-- Scott Leggett <email address hidden> Tue, 03 Jan 2017 22:07:12 +0800
-
quagga (1.1.0-2) unstable; urgency=low
* Fix autopkgtests.
* Check for existing dpkg-statoverride on /etc/quagga (Closes: #847355).
-- Scott Leggett <email address hidden> Fri, 09 Dec 2016 22:56:55 +1100
-
quagga (1.1.0-1) unstable; urgency=low
* New upstream release (Closes: #774760, #516226, #830515)
* Import packaging from the last debian release 1.0.20160315-3.
* Remove dump_fix.patch applied upstream.
* Remove patch which is no longer relevant.
* Remove patch for CVE-2016-1245 fixed upstream.
* Rely on automatic -dbgsym package rather than deprecated -dbg.
* Remove deprecated XS-testsuite header in debian/control.
* Remove template comment from debian/watch.
* Add patch to fix spelling and grammar errors.
* Register quagga-doc with doc-base.
* Add patch to fix ospfclient(8) manpage numbering.
* Added patch to avoid debug print statements on vtysh startup.
* Adopt package, set myself as maintainer (Closes: #836418).
* Add quagga user to quaggavty group in preinst.
* Drop patch for Debian pager default in vtysh (Closes: #788243).
* Update debian/copyright.
* Bump compat level to 10 (Closes: #534833).
* Use systemd .service files rather than init.d scripts (Closes: #678946,
#805840, #839819, #412483).
* Split quagga package out into multiple packages (Closes: #705306).
* Remove debconf question which left packages in inconsistent state.
* Add patch for manpage versioning.
* Update README.Debian, README.Maintainer.
* Removed patch on vtysh.conf.
* Add NEWS.Debian about the major changes to the package.
-- Scott Leggett <email address hidden> Mon, 21 Nov 2016 21:30:12 +1100
-
quagga (1.0.20160315-3) unstable; urgency=high
* Apply patch to fix CVE-2016-1245. Closes: #841162.
-- Florian Weimer <email address hidden> Tue, 18 Oct 2016 22:06:18 +0200
-
quagga (1.0.20160315-2ubuntu1) zesty; urgency=medium
* SECURITY UPDATE: denial of service via stack overrun in IPv6 RA receive
code
- debian/patches/CVE-2016-1245.patch: use proper buffer size in
zebra/rtadv.c.
- CVE-2016-1245
-- Marc Deslauriers <email address hidden> Tue, 25 Oct 2016 09:49:37 -0400
-
quagga (1.0.20160315-2build1) yakkety; urgency=medium
* No-change rebuild for readline soname change.
-- Matthias Klose <email address hidden> Sat, 17 Sep 2016 12:08:29 +0000