Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#56250 - [quagga] denial of service (CVE-2017-16227)
Attached to Project:
Arch Linux
Opened by Christian Rebischke (Shibumi) - Sunday, 05 November 2017, 19:37 GMT
Last edited by Sébastien Luttringer (seblu) - Sunday, 10 December 2017, 10:32 GMT
Opened by Christian Rebischke (Shibumi) - Sunday, 05 November 2017, 19:37 GMT
Last edited by Sébastien Luttringer (seblu) - Sunday, 10 December 2017, 10:32 GMT
|
DetailsSummary
======= The package quagga is vulnerable to denial of service via CVE-2017-16227. Guidance ======== Apply the Patch to fix this issue: https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html References ========== https://security.archlinux.org/AVG-481 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879474 https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008 |
This task depends upon
Closed by Sébastien Luttringer (seblu)
Sunday, 10 December 2017, 10:32 GMT
Reason for closing: Fixed
Sunday, 10 December 2017, 10:32 GMT
Reason for closing: Fixed