==========================================================
Ubuntu Security Notice USN-775-1               May 12, 2009
quagga vulnerability
CVE-2009-1572
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  quagga                          0.99.2-1ubuntu3.5

Ubuntu 8.04 LTS:
  quagga                          0.99.9-2ubuntu1.2

Ubuntu 8.10:
  quagga                          0.99.9-6ubuntu0.1

Ubuntu 9.04:
  quagga                          0.99.11-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that the BGP service in Quagga did not correctly
handle certain AS paths containing 4-byte ASNs.  An authenticated remote
attacker could exploit this flaw to cause bgpd to abort, leading to a
denial of service.


