openSUSE-SU-2016:2646-1

Опубликовано: 26 окт. 2016

Источник: suse-cvrf

Описание

Security update for quagga

This update for quagga fixes the following issue:

CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code. (bsc#1005258).

Список пакетов

openSUSE Leap 42.1

quagga-0.99.24.1-14.1

quagga-devel-0.99.24.1-14.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00061.html
E-Mail link for openSUSE-SU-2016:2646-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.

Затронутые продукты

openSUSE Leap 42.1:quagga-0.99.24.1-14.1

openSUSE Leap 42.1:quagga-devel-0.99.24.1-14.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-1245.html
CVE-2016-1245
https://bugzilla.suse.com/1005258
SUSE Bug 1005258

openSUSE-SU-2016:2646-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-1245

Описание

Затронутые продукты

Ссылки