Security update for quagga (important)

This update provides Quagga 1.1.1, which brings several fixes and
enhancements.

Security issues fixed:

• CVE-2017-5495: Telnet ‘vty’ interface DoS due to unbounded memory
  allocation. (bsc#1021669)
• CVE-2016-1245: Stack overrun in IPv6 RA receive code. (bsc#1005258)

Bug fixes:

• Do not enable zebra’s TCP interface (port 2600) to use default UNIX
  socket for communication between the daemons. (fate#323170)

Between 0.99.22.1 and 1.1.1 the following improvements have been
implemented:

• Changed the default of ‘link-detect’ state, controlling whether zebra
  will respond to link-state events and consider an interface to be down
  when link is down. To retain the current behavior save your config
  before updating, otherwise remove the ‘link-detect’ flag from your
  config prior to updating. There is also a new global ‘default
  link-detect (on|off)’ flag to configure the global default.
• Greatly improved nexthop resolution for recursive routes.
• Event driven nexthop resolution for BGP.
• Route tags support.
• Transport of TE related metrics over OSPF, IS-IS.
• IPv6 Multipath for zebra and BGP.
• Multicast RIB support has been extended. It still is IPv4 only.
• RIP for IPv4 now supports equal-cost multipath (ECMP).
• route-maps have a new action "set ipv6 next-hop peer-address".
• route-maps have a new action "set as-path prepend last-as".
• "next-hop-self all" to override nexthop on iBGP route reflector setups.
• New pimd daemon provides IPv4 PIM-SSM multicast routing.
• IPv6 address management has been improved regarding tentative addresses.
  This is visible in that a freshly configured address will not
  immediately be marked as usable.
• Recursive route support has been overhauled. Scripts parsing "show ip
  route" output may need adaptation.
• A large amount of changes has been merged for ospf6d. Careful evaluation
  prior to deployment is recommended.
• Multiprotocol peerings over IPv6 now try to find a more appropriate IPv4
  nexthop by looking at the interface.
• Relaxed bestpath criteria for multipath and improved display of
  multipath routes in "show ip bgp". Scripts parsing this output may need
  to be updated.
• Support for iBGP TTL security.