268870 – <=net-misc/quagga-0.99.11-r1 DOS (CVE requested)

Bug 268870 - <=net-misc/quagga-0.99.11-r1 DOS (CVE requested)

Summary: <=net-misc/quagga-0.99.11-r1 DOS (CVE requested)

Status:	RESOLVED DUPLICATE of bug 267998

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High minor (vote)
Assignee:	Gentoo Security

URL:	http://thread.gmane.org/gmane.network...
Whiteboard:	B3 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2009-05-06 21:41 UTC by Stefan Behte (RETIRED)
Modified:	2011-10-30 22:38 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Behte (RETIRED) gentoo-dev

2009-05-06 21:41:18 UTC

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311

Patch:
http://marc.info/?l=quagga-dev&m=123364779626078&w=2

Comment 1 Stefan Behte (RETIRED) gentoo-dev

2009-05-06 21:43:47 UTC

The patch says:
* bgpd/bgp_aspath.c: (aspath_make_str_count) "assert (len < str_size)" was
  getting hit under certain 4-byte ASN conditions.  New realloc strategy.
* bgpd/bgp_aspath.c: (aspath_key_make) const warning fix.

Comment 2 Stefan Behte (RETIRED) gentoo-dev

2009-05-06 21:44:25 UTC

Sorry for bugspam! :/

Comment 3 Alin Năstac (RETIRED) gentoo-dev

2009-05-06 22:13:39 UTC

This issue has been fixed in quagga-0.99.11-r1. See bug 267998.

Comment 4 Stefan Behte (RETIRED) gentoo-dev

2009-05-06 22:54:44 UTC


*** This bug has been marked as a duplicate of bug 267998 ***