Ebuild is already in tree.
Arches, please stabilize =net-misc/quagga-0.99.18
Created attachment 266865 [details] Build log
Comment on attachment 266865 [details] Build log Yes, realms patch fails to build again and even opsfapi will break. Fixing this stuff now, sigh.
k, no revision bump and the updated ebuild that drops USE=realms and builds with USE=ospfapi is in tree.
amd64 ok
amd64 done, thanks Agostino
It looks good now on x86. Thanks Diego!
ppc stable
x86 stable. Many thanks Andreas.
Stable for HPPA.
Stable on alpha.
arm/s390/sparc stable
Thanks, everyone. From $URL: Quagga 0.99.18 has been released, and is available in the usual place. This release fixes 2 denial of services in bgpd, which can be remotely triggered by malformed AS-Pathlimit or Extended-Community attributes. These issues have been assigned CVE-2010-1674 and CVE-2010-1675. Support for AS-Pathlimit has been removed with this release. GLSA Vote: no.
Vote: YES, Denial of Service in a BGP deamon = big impact...
Created attachment 272925 [details] realms patch adopted to 0.99.18
Created attachment 272927 [details] ebuild with realms patch Q&A warning about unknown configure option --enable-realms exists, although working as intended. Don't know how suppress this warning.
GLSA together with bug 334303, 359903 and 384651
This issue was resolved and addressed in GLSA 201202-02 at http://security.gentoo.org/glsa/glsa-201202-02.xml by GLSA coordinator Tim Sammut (underling).
