openSUSE-SU-2016:1313-1

Опубликовано: 17 мая 2016

Источник: suse-cvrf

Описание

Security update for quagga

This update for quagga fixes the following security issues:

CVE-2016-4049: Remote crash vulerability with specially crafted packages due to a buffer overflow error in bgp_dump_routes_func (boo#977012)

Список пакетов

openSUSE Leap 42.1

quagga-0.99.24.1-11.1

quagga-devel-0.99.24.1-11.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-05/msg00062.html
E-Mail link for openSUSE-SU-2016:1313-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

Затронутые продукты

openSUSE Leap 42.1:quagga-0.99.24.1-11.1

openSUSE Leap 42.1:quagga-devel-0.99.24.1-11.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-4049.html
CVE-2016-4049
https://bugzilla.suse.com/977012
SUSE Bug 977012

openSUSE-SU-2016:1313-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-4049

Описание

Затронутые продукты

Ссылки