On 2006-05-13 Martin Schulze wrote: > Christian Hammers wrote: > > Attached you will find a diff that can be used to make a DSA for the > > recent Quagga security bug. > > Thanks a lot for preparing the update. > > Please also mention CVE-2006-2223 CVE-2006-2224 in the unstable changelog > when you're doing the next upload anyway.
Please wait a day or two with the Quagga DSA, there has been one further security problem reported yesterday in Bug 366980 CVE-2006-2276: bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. See http://www.quagga.net/news2.php?y=2006&m=5&d=4#id1146764580 I prepare unstable now and stable today or tomorrow... bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
