bgpd/bgp_attr.c | 32 ++++++++++++++++++++------------ debian/changelog | 10 ++++++++++ 2 files changed, 30 insertions(+), 12 deletions(-)
New commits: commit f28daf382441c8ed957574b51b19db10e4ddacf7 Author: Stephen Hemminger <[email protected]> Date: Mon Mar 21 15:24:36 2011 -0700 0.99.17-15+mendocino2 commit 8aed83d6b72a3f4239c1bea36fa245f8d0741e56 Author: Paul Jakma <[email protected]> Date: Sun Dec 5 17:17:26 2010 +0000 bgpd/security: CVE-2010-1674 Fix crash due to extended-community parser error * bgp_attr.c: (bgp_attr_ext_communities) Certain extended-community attrs can leave attr->flag indicating ext-community is present, even though no extended-community object has been attached to the attr structure. Thus a null-pointer dereference can occur later. (bgp_attr_community) No bug fixed here, but tidy up flow so it has same form as previous. Problem and fix thanks to anonymous reporter. (cherry picked from commit 0c46638122f10019a12ae9668aec91691cf2e017) http://suva.vyatta.com/git/?p=vyatta-quagga.git;a=commitdiff;h=f28daf382441c8ed957574b51b19db10e4ddacf7 http://suva.vyatta.com/git/?p=vyatta-quagga.git;a=commitdiff;h=8aed83d6b72a3f4239c1bea36fa245f8d0741e56 _______________________________________________ svn mailing list [email protected] http://mailman.vyatta.com/mailman/listinfo/svn
