-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Oct 2011 14:28:25 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: mipsel
Version: 0.99.10-1lenny6
Distribution: lenny-security
Urgency: high
Maintainer: mipsel Build Daemon (mayer) <buildd_mips-mayer@buildd.debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.10-1lenny6) lenny-security; urgency=high
 .
   * SECURITY:
     This is a backport of the security patches of Quagga 0.99.19 and 0.99.20:
     - The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the
       IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving
       modified Database Description and Link State Update messages,
       respectively, can result in denial of service in IPv6 routing.
     - The vulnerability CVE-2011-3325 is a denial of service vulnerability
       related to Hello message handling by the OSPF service. As Hello messages
       are used to initiate adjacencies, exploiting the vulnerability may be
       feasible from the same broadcast domain without an established adjacency.
       A malformed packet may result in denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3326 results from the handling of LSA (Link
       State Advertisement) states in the OSPF service. Receiving a modified
       Link State Update message with malicious state information can result in
       denial of service in IPv4 routing.
     - The vulnerability CVE-2011-3327 is related to the extended communities
       handling in BGP messages. Receiving a malformed BGP update can result in
       a buffer overflow and disruption of IPv4 routing.
Checksums-Sha1: 
 e18820ae6df731a452f97093dcd7be74e15013e9 1603276 quagga_0.99.10-1lenny6_mipsel.deb
Checksums-Sha256: 
 01ac09dba584329dfb847f20967d7e135d1175bcefbee9494c01214298ba0cb5 1603276 quagga_0.99.10-1lenny6_mipsel.deb
Files: 
 798fe9e8f121714016c95d01cb773e90 1603276 net optional quagga_0.99.10-1lenny6_mipsel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJOi35YAAoJEHR+3TSlYz+UcfQQAK4kBLyhpKBOdzF1wcmR0gLW
fiNFPET1yyrPGb0fqf8AEMxtsQvpOn+g+e0kOodQlXVz9+fX8GESUyrJ5zCTUNw+
p+iFTvBilPVGh88RVo9QvZ0SIkl/aPJXbmYymGvm2B/f6miptumvkABfPD0i4SDu
rUjJ6u6adZeGQjeD//9qR0TLYP+/DlGQcZht35LLtr84LsDAOdQeKH5cAHg3vs9+
m4X46s0m7uKzTMEln2r6VbcsndAWzqcplmfLOj1XJpdLj4VCt8tp7XHCk4CvWbaT
moOHbV3T31vsMSMkG2Mep7BWx38u4n/zYoRrXVnMQdYZZngCN1Wt8d7jmWWx5Afw
FvwwKiDaKosgJ+/cKoS06GMTMc2cJhu9Cw8si1X0u74V9X5nAJfITN6S5FPQ8VQQ
2nkXCs/ULONIS+xAc+zK/UFcyi0qrCPfEBycUcxAb5qHByBr065UCpj+VTh366E4
Zj5r+C7I3th7TkWWpHmY7B3WprjSyd60Y15Vq07lXpnbyLIqLocKDx/nlcgHhcYe
zhNx66Ob1Ze0ySBCDzAfBnSjzWl2ZBYfJZQIml0yAM/CAF2jPh2088uA294hJT4e
E8X2Yg2OVasGdHg+6xvbhig1MBeNO4kYZeZWgfpG8o14jDVj+GSD0XyXSa/sMGOn
nA+yHk1M3DUiRrj17vbQ
=3xU7
-----END PGP SIGNATURE-----