LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

SUSE alert SUSE-SU-2011:1171-1 (quagga)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-security-announce@opensuse.org 


Subject:
    	      [security-announce] SUSE-SU-2011:1171-1: important: Security update for quagga 


Date:
    	      Mon, 24 Oct 2011 17:08:25 +0200 (CEST)


Message-ID:
    	      <20111024150825.678443219D@maintenance.suse.de>


Archive-link:
    	      Article, Thread
              


   SUSE Security Update: Security update for quagga
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1171-1
Rating:             important
References:         #718056 #718058 #718059 #718061 #718062 
Cross-References:   CVE-2011-3323 CVE-2011-3324 CVE-2011-3325
                    CVE-2011-3326 CVE-2011-3327
Affected Products:

______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:


   This update fixes the following security issues in quagga:

   * 718056: OSPF6D buffer overflow while decoding Link
   State Update with Inter Area Prefix Lsa (CVE-2011-3323)
   * 718058: OSPF6D DoS while decoding Database
   Description packet (CVE-2011-3324)
   * 718059: OSPFD DoS while decoding Hello packet
   (CVE-2011-3325)
   * 718061: OSPFD DoS while decoding Link State Update
   (CVE-2011-3326)
   * 718062: DoS while decoding EXTENDED_COMMUNITIES in
   Quagga's BGP (CVE-2011-3327)

   Security Issue references:

   * CVE-2011-3323
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3323
   >
   * CVE-2011-3324
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3324
   >
   * CVE-2011-3325
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3325
   >
   * CVE-2011-3326
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3326
   >
   * CVE-2011-3327
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3327
   >

Indications:

   Please install this update.


Package List:


References:

   http://support.novell.com/security/cve/CVE-2011-3323.html
   http://support.novell.com/security/cve/CVE-2011-3324.html
   http://support.novell.com/security/cve/CVE-2011-3325.html
   http://support.novell.com/security/cve/CVE-2011-3326.html
   http://support.novell.com/security/cve/CVE-2011-3327.html
   https://bugzilla.novell.com/718056
   https://bugzilla.novell.com/718058
   https://bugzilla.novell.com/718059
   https://bugzilla.novell.com/718061
   https://bugzilla.novell.com/718062
   http://download.novell.com/patch/finder/?keywords=b0427e8...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds