Subject: CVS commit: [pkgsrc-2006Q1] pkgsrc/net/quagga
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 06/07/2006 16:31:21
Module Name: pkgsrc
Committed By: salo
Date: Wed Jun 7 16:31:21 UTC 2006
Modified Files:
pkgsrc/net/quagga [pkgsrc-2006Q1]: Makefile PLIST distinfo
Log Message:
Pullup ticket 1692 - requested by gdt
security update for quagga
Revisions pulled up:
- pkgsrc/net/quagga/Makefile 1.29
- pkgsrc/net/quagga/PLIST 1.8
- pkgsrc/net/quagga/distinfo 1.9
Module Name: pkgsrc
Committed By: gdt
Date: Mon Jun 5 19:28:25 UTC 2006
Modified Files:
pkgsrc/net/quagga: Makefile PLIST distinfo
Log Message:
Update to 0.98.6.
Security:
ripd:
- RIPD unauthenticated route table broadcast:
CVE-2006-2223, OSVDB ID 25224, Secunia SA19910
- RIPD unauthenticated route injection:
CVE-2006-2224, OSVDB ID 25225, Secunia SA19910
[ripd] 0.98 specific command changes, allow no-auth to be set
[ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated
route updates
[doc] Add text on 0.98 specific RIP authentication changes
[docs] Update ripd docs on version and authentication, see bugs
#261,#262
Thanks to Konstantin V. Gavrilenko for report and testing.
bgpd:
- bgpd Telnet Interface DoS:
OSVDB ID 25245:
http://www.osvdb.org/displayvuln.php?osvdb_id=25245
[quagga-dev 4051]:
http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html
[bgpd] Fix infinite loop in community_str2com
[No NEWS entries for 0.98.2 to 0.98.6; many bugfixes]
To generate a diff of this commit:
cvs rdiff -r1.27 -r1.27.2.1 pkgsrc/net/quagga/Makefile
cvs rdiff -r1.6 -r1.6.8.1 pkgsrc/net/quagga/PLIST
cvs rdiff -r1.8 -r1.8.2.1 pkgsrc/net/quagga/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.