6 matches found
Updated quagga packages fix security vulnerability
This is an update to fix several security issues. 1. CVE-2018-5379: Fix double free of unknown attribute 2. CVE-2018-5380: debug print of received NOTIFY data can over-read msg array 3. CVE-2018-5381: fix infinite loop on certain invalid OPEN messages...
MGASA-2017-0416 Updated quagga packages fix security vulnerability
The bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment ASPATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity CVE-2017-16227...
MGASA-2016-0374 Updated quagga packages fix security vulnerability
It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages CVE-2016-1245...
MGASA-2016-0165 Updated quagga packages fix CVE-2016-4049
Updated quagga packages fix security vulnerability: A denial of dervice vulnerability have been found in BGP daemon from Quagga routing software bgpd: if the following conditions are satisfied: - regular dumping is enabled - bgpd instance has many BGP peers then BGP message packets that are big...
MGASA-2016-0126 Updated quagga packages fix security vulnerability
A vulnerability was found in a way VPNv4 NLRI parser copied packet data to the stack. Memcpy to stack data structure based on length field from packet data whose length field upper-bound was not properly checked CVE-2016-2342...
MGASA-2013-0310 Updated quagga packages fix CVE-2013-2236
Updated quagga packages fix security vulnerability: Remotely exploitable buffer overflow in ospfapi.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 CVE-2013-2236. Note: We have worked around this vulnerability by disabling the ospfapi and ospfclient features, which did...