Описание
Security update for quagga
This update for quagga fixes the following issue:
Security issue fixed:
- CVE-2016-4049: Fix for a buffer overflow error in bgp_dump_routes_func. (bsc#977012)
Список пакетов
SUSE Linux Enterprise Server 12
quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server 12 SP1
quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server for SAP Applications 12
quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
quagga-0.99.22.1-12.1
SUSE Linux Enterprise Software Development Kit 12
quagga-devel-0.99.22.1-12.1
SUSE Linux Enterprise Software Development Kit 12 SP1
quagga-devel-0.99.22.1-12.1
Ссылки
- Link for SUSE-SU-2016:1482-1
- E-Mail link for SUSE-SU-2016:1482-1
- SUSE Security Ratings
- SUSE Bug 977012
- SUSE CVE CVE-2016-4049 page
Описание
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1:quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server 12:quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:quagga-0.99.22.1-12.1
SUSE Linux Enterprise Server for SAP Applications 12:quagga-0.99.22.1-12.1
Ссылки
- CVE-2016-4049
- SUSE Bug 977012