-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: armel
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: armel Build Daemon (arnold) <buildd_armel-arnold@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 3c26db06a66673f8e928c0850536d4d4612a3901 1626862 quagga_0.99.21-4+wheezy2_armel.deb
 b8086236b17ff6fced473088b845e510bbe7ceef 1831056 quagga-dbg_0.99.21-4+wheezy2_armel.deb
Checksums-Sha256: 
 ac2ed5a42d6578cd44db21b512518c49178c51e9b4ee79e0b723486637e46f23 1626862 quagga_0.99.21-4+wheezy2_armel.deb
 03de8318e4a08940f2d4355175200abf2b5d566762e066def579402408ecf708 1831056 quagga-dbg_0.99.21-4+wheezy2_armel.deb
Files: 
 d456d68f929d3fd8617cc88477369e91 1626862 net optional quagga_0.99.21-4+wheezy2_armel.deb
 8854caebfba5ac281d9ef2a93f7afe07 1831056 debug extra quagga-dbg_0.99.21-4+wheezy2_armel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJSgX5PAAoJED1tEnPPHc2OZMkP/im2Ls4quEUofWAapUiz96TJ
xtIUdDrLa6JakWUiVzy1HMrqQsp/xIwI38mPuG5vTbVtn4RvhlSSxxjrsynCE5WL
xzI2hGu9B/yaVVoLLLmtvXh+YRLZQ7XvzC0ZHJrAfUz42c8jFM60w9fqM70fQzrE
bXexIHjrrSA3SbAbrgkXKkp+TiqdqY3/Sn0kY77FVk4MfF4zB687I3p5R6CngBjv
4SVSsihK3AxFPz9Tg0PGAO4QQolHZ9RE/twPq3ECORNPAPCZMz1wi2uX1a7WYk13
gY28OhNdbvSTnn95wcoX+PlHufZhLhffTJdsoL3SPOOq1Vqt7yXWawpRzVNjwsVb
nWKvxR/+t2SuuqlEAl2Sgf+yypdmShpOwH/xOp0z754freScJ1FFs9Y+147TnuTT
bJIlZtOQ9ugSe4E1LSoQOhDVB17S8tNdlTcumWDiugBDoEllgcYZyZENEAFECjwq
QK2fhoIoVTC2VZ0YpekfLJS83MEM/GPjszXteqlFo+ZBKoIxaNrDfuGZybLii1Mv
bvSYArf79kb8h650PBkQW1DzNScLYZUhxiQE+XpBvIL6E0bppuV3/8HEW+fl/s04
1D4ckObxrSP3RL2TPN2o3jdS6no69MRwsUBNMVHBsEmqacIoO20xQZtSrG/9LDl1
GLREo0r51KNdSaTZlHoX
=S3jx
-----END PGP SIGNATURE-----