Ubuntu alert USN-7230-1 (quagga)
| From: | John Breton <john.breton@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7230-1] Quagga vulnerability | |
| Date: | Mon, 27 Jan 2025 19:40:20 -0500 | |
| Message-ID: | <03984b8c-24db-4af4-a46c-7d436fdeca5b@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7230-1 January 27, 2025 quagga vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Quagga could be made to crash if it received specially crafted network traffic. Software Description: - quagga: BGP/OSPF/RIP routing daemon Details: Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS quagga 1.2.4-1ubuntu0.1~esm2 Available with Ubuntu Pro quagga-bgpd 1.2.4-1ubuntu0.1~esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7230-1 CVE-2024-44070
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEyMDHOTG0YH5UsajI8pSCVQZYHygFAmeYJ3QFAwAAAAAACgkQ8pSCVQZYHyhX 3g/9E4fAQJz7HlIQFtkUN8NQCElWna9NV6psI8ZyQvOCQGkQbgY56FO15HO49vcDC1VA2CM7hPlX REPfDRzZPF0rmA8tq364x9qrNM1ma/dlTZSvENXsFzbYifWw6kmWPfnl+z5Jge6vngL/OQh/G2MT ZaaWnJm5hRggqWetW017zh/1oVsWRUwFMbgdJwLhvy92PAtWHJvdwzRZbikcusfmW+QGeObB92dM xaTL3rFuUUKzGupXgm/29UP7GtGU7g3lUvbUy0wM9zPCnBrX51R+LgTK82hhNdeQxcyR0j7xYa8x 8DnowYa/XDPlQjLvIhzMV4+ZIctF8DqkgIQQx0ypAGf4hOClfcZDZF+GRwu0AJsIxdCC2qALZuDT DNMxg0pb3bhnRjG7GsMRyMX2tOeLuuNGiPk2smLqTVhtm3LvA51XpfQO7Mr3djXF2b6j8k+jQuzM 7dY8xsb5vbFvdUVBmzNZdPN/Ws8obL8f1RoL7ex1Xepsix5uVC84pgOavGaja7Ze96xmXOJR04V8 Ezp5GrLk5fY9i74I0u9DhUJRFTWNwgyl9+M6UqQySMVyzuB47XfJOHlksUOqrQwnOPl6vRVxqbth xDGpNuIwgSExg+SLL2LDBKnMciRPsAceqzhnxPMQFx94medgVrrIorJQ27pt/X8RwBUMc8tETMBd d3o= =1XVk -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)