-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 14:28:25 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: armel
Version: 0.99.10-1lenny6
Distribution: lenny-security
Urgency: high
Maintainer: armel Build Daemon (antheil) <buildd_armel-antheil@buildd.debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.10-1lenny6) lenny-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 ca21b956c79d2173fbcd174e2270d3791daaca49 1459636 quagga_0.99.10-1lenny6_armel.deb
Checksums-Sha256: 
 6fe2e96571583099df5efeb36e072161bfcf7841ac29826a44ecc9060dcfe101 1459636 quagga_0.99.10-1lenny6_armel.deb
Files: 
 d7a91b0074259a92b4facaf50c11a7f1 1459636 net optional quagga_0.99.10-1lenny6_armel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOi4OzAAoJECVpDDEoiwdTXdYP/2IAExYEEZEiFwM/eeHm75dF
W3Ea8gVU3ij3J9RlO8eX2Rw+Sykpj4gzbBicU1bRhqAxEugGWIr25M4uhaGyJCzV
snhgDRuERw7/tKhUt9m3evfI1dpzN2yZBrqajMM++QnK3Do9UPIpPKQWy2pSTl5C
WPEbuPDa4y0ANf96WsHIiu5RVPoeG7w6G4pn29xWisTeRkt5jK4mU6AKBg8HerAe
DCzgkdZOFQkceQQ+x+wTOn+jRMojcTC9+tSGyvu8S1sxKi70MpswEcGu6YSqGKN2
QQz9rYhPeCj5CsnS3N2v5EY7cksC2smkJ8bTkZNfYffFzR+UwFZP/79YoV2ecoAQ
7I1N3reFkiqBd7I9Nn9MBpwUCLOMYY2teqLInVtHz4wEYFb6EOtPqFzmMbRhFH2o
xDgLARwsnAIBDQxDbF46EaKxtC7RTAZAO/yyf0vO8YE03RDRKodHPKiYtFfkt1GF
tNTzBmEuyBnu450iLqfXWpR/vnNaVdcAAYx+WeIKfb73xhPaPUglSaRMOf/wbUNQ
TdLieBHRHGd1LrKFnOlish1Ue15VFzv6xlFgk8UnpdrMcj7+MbKfACAl7y9A8zZs
CGWZkR2HVuQyCIXTSmYFIyzll6hMYuDAdPvXDkGzBZibOZpZ4hhGw8J0Jazd/cle
iBwxePusObaZauUmWORW
=HHvC
-----END PGP SIGNATURE-----