-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2011-10-07 12:38:37 UTC
-
Revision ID:
package-import@ubuntu.com-20111007123837-a11lbv9vvw17fnaf
Tags: 0.99.15-1ubuntu0.3
* SECURITY UPDATE: arbitrary code execution via malformed Inter Area
Prefix LSA
- debian/patches/99_CVE-2011-3323.dpatch: check lengths in
ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
ospf6_message.c,ospf6_message.h,ospf6_proto.h}
- CVE-2011-3323
* SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
- debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
ospf6d/ospf6_lsa.c.
- CVE-2011-3324
* SECURITY UPDATE: denial of service via crafted Hello packet
- debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
ospfd/ospf_packet.c.
- CVE-2011-3325
* SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
types
- debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
in ospfd/ospf_flood.c.
- CVE-2011-3326
* SECURITY UPDATE: arbitrary code execution via Extended Communities path
attribute
- debian/patches/99_CVE-2011-3327.dpatch: properly check size in
bgpd/bgp_ecommunity.c.
- CVE-2011-3327