-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: sparc
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: sparc Build Daemon (spontini) <buildd_sparc-spontini@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 7dcaacb15cf9b80f320051096d7a7f8eeae46e5f 1614928 quagga_0.99.21-4+wheezy2_sparc.deb
 eb53b052d80f6836b023f0c978648afb7a2b9983 1693790 quagga-dbg_0.99.21-4+wheezy2_sparc.deb
Checksums-Sha256: 
 ac9e5ef75760ab52d2854d18c79c081e82768dd48a32bd22742402ce3374e236 1614928 quagga_0.99.21-4+wheezy2_sparc.deb
 fa11c4f6e759e048275917c83b899d5cee5a2cb2c9640b0880edacda61377787 1693790 quagga-dbg_0.99.21-4+wheezy2_sparc.deb
Files: 
 181d57382205e8414792cc3b2becebb7 1614928 net optional quagga_0.99.21-4+wheezy2_sparc.deb
 cb8b67104607a19a83b026773bb9aade 1693790 debug extra quagga-dbg_0.99.21-4+wheezy2_sparc.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJSgWZ7AAoJENu2CT7+FNqbGvYP/ApJwMqMF+NFngD4sMQpC7jI
o/9Cgx2U7mLeBZsSvKL7prHn1ToxWVQ2JGfDJsKiESuhDStyjIVRTGklrahIXLGC
m0LjANuPMb5sGZg8iP0bpoTlw+fJ4JBgSV4mqGeeDlgZ63vwnW0FqHwGkRC0KM6R
xYzVz9aO0AbslYKqlv0q2MPVD+OS4FcaRZnr3ULByEkx4veBYqU8S2tliZIY0h0X
7HdR3bz4xMbEomAHMFFgi80pxi6ZnkOQ6Q6mfiCebVXUlrP1gTWW8ZMh7Y2zK/Wg
tSp9Adw368ezNQfWsQIJM4ocnUvhAJIwqLqq/oqMRPsJx8OryhMpb6z+NofAXFeH
OPGT4dzylAYf4ixKyPr0fuoJ0CTCZ51MlAeFMsw3npnx+NNf4UoNmeEPtCgpG4l5
QQiSTAdwG/W63ByRxulD81B9PDvFCYT6CHCJ9/hAGoNu+9ef0zoSY4w9K34yLU3r
7838kzRU1/hDArurlJwLnA6MDxLB/lTI/cxolpa/ZhHdIBPBBrQSny5cnMd3PLdK
v9J7jYKXMIi45Yaiol4qtDaxgR5EOXARkPnNm2GDOQ0nLyg6JhS73+fd9XOfhvi8
eAFWE9b2rrTFOWWTzDuHOWpgkDVTHygHMFSTurEQRBNsEYFnW+yFOe4Ke9QHhULR
MPLw36YyE3oR8vjTclIV
=+1hZ
-----END PGP SIGNATURE-----