Описание
Security update for quagga
This update for quagga fixes the following issue:
Security issue fixed:
- CVE-2016-4049: Fix for a buffer overflow error in bgp_dump_routes_func. (bsc#977012)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
quagga-0.99.15-0.24.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
quagga-0.99.15-0.24.2
SUSE Linux Enterprise Software Development Kit 11 SP4
quagga-0.99.15-0.24.2
quagga-devel-0.99.15-0.24.2
Ссылки
- Link for SUSE-SU-2016:1483-1
- E-Mail link for SUSE-SU-2016:1483-1
- SUSE Security Ratings
- SUSE Bug 977012
- SUSE CVE CVE-2016-4049 page
Описание
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:quagga-0.99.15-0.24.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4:quagga-0.99.15-0.24.2
SUSE Linux Enterprise Software Development Kit 11 SP4:quagga-0.99.15-0.24.2
SUSE Linux Enterprise Software Development Kit 11 SP4:quagga-devel-0.99.15-0.24.2
Ссылки
- CVE-2016-4049
- SUSE Bug 977012