-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: ia64
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: ia64 Build Daemon (mundy) <buildd_ia64-mundy@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 7f2da0ed5c5d82810962389f99254dc468d6fecb 2196560 quagga_0.99.21-4+wheezy2_ia64.deb
 a0440daae16063818367a2dd6bc689745207c7c4 1875538 quagga-dbg_0.99.21-4+wheezy2_ia64.deb
Checksums-Sha256: 
 b89d852b73f86f0f4c0308711d8d181dd8acb51bb391b0131f409bdf60e63b5c 2196560 quagga_0.99.21-4+wheezy2_ia64.deb
 e85771f483228d3013fa68745deb625b18ca225b1765eb3b33185e9bd3313532 1875538 quagga-dbg_0.99.21-4+wheezy2_ia64.deb
Files: 
 a16cccb0d791daef85420f164da5d73b 2196560 net optional quagga_0.99.21-4+wheezy2_ia64.deb
 595c1e4d1cbd9d75c26550fdfa77a175 1875538 debug extra quagga-dbg_0.99.21-4+wheezy2_ia64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJSgV/KAAoJEPxZc8HvAKuy6fcP/A23rDcAAzf5zWgwq3ENt9ab
obrkpf6YPYgjs6Q4ZG8UI+kWo2Zr4VkPfRoqm4uM1c+Bm6p5W7L5q+ocAz9yA/RL
z1qR3tQyCY3CWqhU3CX0fJG6rrlv+nlOuddkVUZFJ/yJ7pi1WzkDXhzlmKaARK8G
zEzsYuOYnnttAPYUenbE36Pdz3wTy3AFZFRnwhD0clF/VCYx2/CUuSAcmMFLRsTF
bPBHH5D+A7a+TwYzAH5O4gbSXEupBOOYYd3DyyVSAZYFcnPLOZh/S0292etcpkiE
pslXiFkvfBknv+lex3DgtkEn8WBMaFTCiLIqGm9UX6lFx+7OPh1tTtCeXNEwgJSE
4+gmHntnhnvHRJ8cDVvQZQA5XCmJLTPPRUHR8TJNt4XDhPFgZuY9Hy8nN4WWwm9j
f5mo9rEVfx1i1KOQs3vbugx4QfmnIeQYJGx7zru1+fNtkQNlB91V9hbmlUtzT6sR
yZd09yHdRlDmcBpeToq5d/lsqm6q+1tUVKFIgwA3LdT+/KgfOheczbpvqvx7XAJY
NUl71s7DRK6SN42/6UV8YHLieGtMhaQEr+sf6CDMcEIoG1NW/J2rjGb/flcrumeI
JzLPX4NJjbnQ0oKpDmDzQbJZDvIKJ/hpTARLf6I0Ee/FQXvuz4ux0pyZoQfX0j7O
ghtqP8hj5TGeOshFldvM
=Bb0Z
-----END PGP SIGNATURE-----