Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

quagga-contrib-0.99.9-1tr RPM for i586

From Trustix 3.0 for i586

Name: quagga-contrib Distribution: Trustix Secure Linux
Version: 0.99.9 Vendor: Comodo Trustix
Release: 1tr Build date: Thu Sep 20 09:27:47 2007
Group: Trustix Official Build host: ttrmgtnived.comodo.net
Size: 20996 Source RPM: quagga-0.99.9-1tr.src.rpm
Packager: Comodo Trustix <http://www.trustix.com>
Url: http://www.quagga.net
Summary: contrib tools for quagga
Contributed/3rd party tools which may be of use with quagga.

Provides

Requires

License

GPL

Changelog

* Thu Sep 20 2007 Nived Gopalan <nived at trustix dot org> 0.99.9-1tr
  - New Upstream.
  - SECURITY Fix: A vulnerability have been reported in Quagga, caused
    due to bgpd improperly handling messages sent by peers. This can be
    exploited to crash bgpd by sending a specially crafted "OPEN"
    message with an invalid message length or an invalid parameter
    length, or a specially crafted "UPDATE" message with a malformed
    "COMMUNITY" attribute.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2007-4826 to this issue.
* Thu May 03 2007 Nived Gopalan <nived at trustix dot org> 0.99.7-1tr
  - New Upstream.
  - SECURITY Fix: Paul Jakma has reported a vulnerability in Quagga,
    caused due to bgpd not checking the length information of the
    "MP_UNREACH_NLRI" and "MP_REACH_NLRI" attributes. This can be
    exploited to cause an assertion error or out of bounds read by
    sending a specially crafted UPDATE message.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2007-1995 to this issue.
* Tue Jun 27 2006 Bipin S <bipin at trustix dot org> 0.98.6-2tr
  - Added condition checking for %preun. Bug #1820.
* Tue May 23 2006 Nived Gopalan <nived at trustix dot org> 0.98.6-1tr
  - New Upstream. 
  - SECURITY Fix: Konstantin V. Gavrilenko has reported two security issues
    in Quagga, which can be exploited by malicious people to bypass certain
    security restrictions and to disclose system information.
  - An error in RIPd does not properly implement configurations that 1) 
    disable RIPv1 or 2) require plaintext or MD5 authentication. This allows 
    remote attackers to obtain sensitive information via REQUEST packets 
    such as SEND UPDATE.
  - An error in RIPd does not properly enforce RIPv2 authentication 
    requirements. This allows remote attackers to modify routing state via
    RIPv1 RESPONSE packets.
  - Fredrik Widell has reported a vulnerability in Quagga caused due to an
    infinite loop error in bgpd within the "community_str2com()" function.
    This can be exploited to cause the process to consume large amounts of
    CPU resources by issuing the "sh ip bgp command" command via the telnet
    management interface.
   	
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2006-2223, CVE-2006-2224 and CVE-2006-2276 to
    these issues.
* Tue Jan 17 2006 Ajith Thampi <ajith at trustix dot org> 0.98.5-2tr
  - Rebuilt
* Tue Sep 20 2005 Ajith Thampi <ajith at comodo dot com> 0.98.5-1tr
  - Initial Entry into TSL 3.0

Files

/usr/share/doc/quagga-contrib-0.99.9
/usr/share/doc/quagga-contrib-0.99.9/tools
/usr/share/doc/quagga-contrib-0.99.9/tools/mrlg.cgi
/usr/share/doc/quagga-contrib-0.99.9/tools/rrcheck.pl
/usr/share/doc/quagga-contrib-0.99.9/tools/rrlookup.pl
/usr/share/doc/quagga-contrib-0.99.9/tools/zc.pl
/usr/share/doc/quagga-contrib-0.99.9/tools/zebra.el


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Apr 10 13:04:25 2014