pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/net/quagga
From: Greg Troxel
Date: 2006-06-05 21:28:25
Message id: 20060605192825.58EF7211CA@cvs.netbsd.org

Log Message:
Update to 0.98.6.

Security:
   ripd:

     - RIPD unauthenticated route table broadcast:
         CVE-2006-2223, OSVDB ID 25224, Secunia SA19910
     - RIPD unauthenticated route injection:
         CVE-2006-2224, OSVDB ID 25225, Secunia SA19910

       [ripd] 0.98 specific command changes, allow no-auth to be set
       [ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates
       [doc] Add text on 0.98 specific RIP authentication changes
       [docs] Update ripd docs on version and authentication, see bugs #261,#262

 	Thanks to Konstantin V. Gavrilenko for report and testing.

   bgpd:
     - bgpd Telnet Interface DoS:
 	    OSVDB ID 25245:
 	     http://www.osvdb.org/displayvuln.php?osvdb_id=25245
 	    [quagga-dev 4051]:
 	     http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html

       [bgpd] Fix infinite loop in community_str2com

[No NEWS entries for 0.98.2 to 0.98.6; many bugfixes]

Files:

Revision	Action	file
1.29	modify	pkgsrc/net/quagga/Makefile
1.8	modify	pkgsrc/net/quagga/PLIST
1.9	modify	pkgsrc/net/quagga/distinfo