SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2011:1171-1 Rating: important References: #718056 #718058 #718059 #718061 #718062 Cross-References: CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 Affected Products: ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update fixes the following security issues in quagga: * 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa (CVE-2011-3323) * 718058: OSPF6D DoS while decoding Database Description packet (CVE-2011-3324) * 718059: OSPFD DoS while decoding Hello packet (CVE-2011-3325) * 718061: OSPFD DoS while decoding Link State Update (CVE-2011-3326) * 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327) Security Issue references: * CVE-2011-3323 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3323
* CVE-2011-3324 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3324
* CVE-2011-3325 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3325
* CVE-2011-3326 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3326
* CVE-2011-3327 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3327
Indications: Please install this update. Package List: References: http://support.novell.com/security/cve/CVE-2011-3323.html http://support.novell.com/security/cve/CVE-2011-3324.html http://support.novell.com/security/cve/CVE-2011-3325.html http://support.novell.com/security/cve/CVE-2011-3326.html http://support.novell.com/security/cve/CVE-2011-3327.html https://bugzilla.novell.com/718056 https://bugzilla.novell.com/718058 https://bugzilla.novell.com/718059 https://bugzilla.novell.com/718061 https://bugzilla.novell.com/718062 http://download.novell.com/patch/finder/?keywords=b0427e8239de7b04885a01efa3... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org