Summary: | net-misc/quagga:OSPF implementation improperly determines LSA recency | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED WONTFIX | ||
Severity: | minor | CC: | pinkbyte |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.kb.cert.org/vuls/id/793496 | ||
Whiteboard: | C3 [upstream/cve] | ||
Package list: | Runtime testing required: | --- |
Description
Christopher Díaz Riveros (RETIRED)
2017-07-28 13:59:25 UTC
Upstream Bug/Proposed Patch:(https://bugzilla.quagga.net/show_bug.cgi?id=493) CVE Source:(http://www.kb.cert.org/vuls/id/793496) Bug 493 on bugzilla.quagga.net has nothing to do with this issue RedHat guys closed this as WONTFIX, upstream seems not care at all, our move - ? Sergey, your call as a maintainer and considering red-hat closed with "Wont Fix", up to you if you want to do the same. Considering that upstream doe snot care, we can leave it as a trackable open, or close it as Red-Hat has done. So many other hardening measures to protect against this. |