-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: armhf
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: armhf Build Daemon (hummel) <buildd_armhf-hummel@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 86f3fee9590626d0a10270147fa573c6c8e4d61b 1521894 quagga_0.99.21-4+wheezy2_armhf.deb
 f41c51dacb2d9c457aa63a208d38e1d33f073ba0 1862506 quagga-dbg_0.99.21-4+wheezy2_armhf.deb
Checksums-Sha256: 
 6752278bdb04f5ab660a89e502a3ab28b5eb50cdb9468f15d014687fb9816e92 1521894 quagga_0.99.21-4+wheezy2_armhf.deb
 b07495e7a5432762eca1a8165d9a4fa5454971bd018fe958573c3fcf804adff0 1862506 quagga-dbg_0.99.21-4+wheezy2_armhf.deb
Files: 
 fdd79ad40fd05b2532873fbf4ad9ac27 1521894 net optional quagga_0.99.21-4+wheezy2_armhf.deb
 f45f0c56939593cd7b7c6fc970f734d8 1862506 debug extra quagga-dbg_0.99.21-4+wheezy2_armhf.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJSgXk0AAoJEFfKstOQ/zfc4tAP/14z0KllQd8vjgfhX9LK1WhR
ZDXIC1dbNPRBR92NTNJv+mpIQbtuoPj/SA02qYZPekYKIuXX8Za4vWXgWHAIVSU4
Grh27/jjuAIN2nQaH9jbbLw40Q3ep8hxuu4nYrhjK5vc8GxFoSQgs5f7Z4WLSUwH
WRi9m8TgyxLE31R83CP7Irhw7u5gNbvE1/VjMYgwHbTeJ+V0Sh2oF/G0BxUnPnnp
ixM6OdW1DDNOGkD4XxLfk1G0tl3wGK1dGIvdk+X7SryE7VojoJrgg32GhrrZi7+V
scUd8trdnlsHNpz7fdiQ2qeSnjbbQ1+/YibMlyvsKfVxIXnyhwj4oZuxmUWZHhNa
xdmj274vhEhnc2VPcn6Zkbs34CPu1ywUH77WhZ1D+jpqSXmdfrlrOPd1PbqSfP8t
SoOJp0e5xcuTQBmCKz3/Ssu7FCgnWD8cmrc40Tn7irykD+5FkWEEHHZq66i3wefc
pP4Q5LWOuC14Zw+AQXli0g7r+KU0aSW8WXRMEUsX5vqH4zrpEOAaxtXmruZEF7Ed
f0o3Q8F6ABbfcrR+tnQGmKXq1KcluOVXvKz0muKKhLlAml5HFSmbVvz77VwVzgIg
tZ1nSHw+H7L/kF/4f89WcVitzLfUnzdgw3rRQPGa4VgPF/9arfteYUWCS8rJ1fMC
urLmAFdOpXoG/AIGdCS0
=087P
-----END PGP SIGNATURE-----