Bug#365940: Files for a Quagga DSA (RIPD unauthenticated route injection)
Christian Hammers wrote: Attached you will find a diff that can be used to make a DSA for the recent Quagga security bug. Thanks a lot for preparing the update. Please also mention CVE-2006-2223 CVE-2006-2224 in the unstable changelog when you're doing the next upload anyway. Regards, Joey -- Linux - the choice of a GNU generation. Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#365940: Files for a Quagga DSA (RIPD unauthenticated route injection)
On 2006-05-13 Martin Schulze wrote: Christian Hammers wrote: Attached you will find a diff that can be used to make a DSA for the recent Quagga security bug. Thanks a lot for preparing the update. Please also mention CVE-2006-2223 CVE-2006-2224 in the unstable changelog when you're doing the next upload anyway. Please wait a day or two with the Quagga DSA, there has been one further security problem reported yesterday in Bug 366980 CVE-2006-2276: bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. See http://www.quagga.net/news2.php?y=2006m=5d=4#id1146764580 I prepare unstable now and stable today or tomorrow... bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#365940: Files for a Quagga DSA (RIPD unauthenticated route injection)
Hello Florian On 2006-05-05 Florian Weimer wrote: * Christian Hammers: Attached you will find a diff that can be used to make a DSA for the recent Quagga security bug. Your proposal does not mention the behavior change which was alluded to by upstream. Is this intentional? Paul mentioned a behavior change in his mail from Wed May 3 23:57h saying that this was no realeasable state and then replied to this mail on Thu May 4 17:19h announcing the changeset for a 0.98 RC version. I understood it as if he had fixed this flaw in the meantime. But it's probably really better to check so I will ask him. bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#365940: Files for a Quagga DSA (RIPD unauthenticated route injection)
* Christian Hammers: Attached you will find a diff that can be used to make a DSA for the recent Quagga security bug. Your proposal does not mention the behavior change which was alluded to by upstream. Is this intentional? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
