Package: quagga Version: 0.99.21-1 Severity: important Tags: upstream patch
Hello As our stable-proposed-updates policy demands a bug report, I create one based on the below mail which I got from one of the Quagga maintainers. Updated packages are build and will soon be uploaded. bye, -christian- Beginn der weitergeleiteten Nachricht: Datum: Sat, 20 Apr 2013 17:47:50 +0200 Von: David Lamparter <[email protected]> An: Christian Hammers <[email protected]>, Florian Weimer <[email protected]> Betreff: Quagga version in wheezy & squeeze-backports Hi Christian, Hi Florian, looking through the various distribution's Quagga packages, I noticed you are shipping 0.99.21 without the thread_cancel_event fix applied. This makes ospfd completely unusable. Without the patch, ospfd will crash randomly when a neighbor goes down. (If required, this might be considered a DoS security issue.) The patch is up at: http://git.savannah.gnu.org/cgit/quagga.git/commit/?h=stable/0.99.21&id=aaa964a8f861d5cd68723adc27236548f3f05713 ... -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
