Mehrere Probleme in quagga
ID: | FEDORA-2016-8acc6b66f1 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | So, 20. November 2016, 02:12 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1245 |
Applikationen: | quagga |
Originalnachricht |
|
Name : quagga Product : Fedora 25 Version : 0.99.24.1 Release : 4.fc25 URL : http://www.quagga.net Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. -------------------------------------------------------------------------------- Update Information: This update addresses multiple security problems and fixes systemd dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387654 - quagga daemons should pull in network.target into the boot transaction https://bugzilla.redhat.com/show_bug.cgi?id=1387654 [ 2 ] Bug #1386110 - CVE-2016-1245 quagga: Buffer Overflow in IPv6 RA handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1386110 [ 3 ] Bug #1331373 - CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1331373 [ 4 ] Bug #1316572 - CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1316572 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |