-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: i386
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (babin) <buildd-babin@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 5d2f9b53bb9e64d32fdbc88021059e01f194a645 1627486 quagga_0.99.21-4+wheezy2_i386.deb
 8af8fa667e761aaa9d6241f9e827d774f042c8c9 2094844 quagga-dbg_0.99.21-4+wheezy2_i386.deb
Checksums-Sha256: 
 1db0817708ba0c22b3b526070da6ba09fd247f807ad7aed3afe30f644a302f3e 1627486 quagga_0.99.21-4+wheezy2_i386.deb
 9ee3133297472ec58bf0460b36905f3353891687dd3d06c2f9b2424fb4ba79fd 2094844 quagga-dbg_0.99.21-4+wheezy2_i386.deb
Files: 
 c4876e216934c3e85163936ec5c8953f 1627486 net optional quagga_0.99.21-4+wheezy2_i386.deb
 295cab8714aacb6f19d25a51cc9e0735 2094844 debug extra quagga-dbg_0.99.21-4+wheezy2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJSgV87AAoJEBg/77AQSmLturwP/R5xddS+IQB33EiQ+Cf21QoX
UHaehbW9j1GanXMCUAdiM5PJZtZHC0zsThShcJeCgLGvIdlIXuuh/FpPMMd1zy9L
mGLBuWsu+R7pAwFqH8vUStg+F+y5YU3IB4ru8m9O27DlLOYexhXmuCHSPt81HAvw
ngkr/9QreXbArtnqRGoIeTnRauN1OmwQdqgngAJTDounOXWSAEoMRScfNXL0kBch
uSviUcG0DpcQMATkJE51l6OyR4834oaulBuNR5vA8KIC/5EHwRElKhxbE43RI1ed
SwrmUuAtLIZBX1MrDeF8Nzfqb4BCwRHf2BjnjZ8+wuHUgUzGeO7rnn32pW8gFvSs
131v4fkzRLPpM5TdLRcomDSw/GNUCTlx2z2Z8hKudj1ylz8vxs6mHoaa0Aziy7Fk
eC/02Qd2Mj8IqeiNzPrBQ1hQgFVX1NR/oOJDiIwGBa8HKC20osxYj+wxBJIIvzVr
X03wTs9+3zMyWe3qKJkNSWk4gjUC6GTVLlElogQJDXHpZx3ygVZmtbSRJGTWLvJE
X6nH4g7+1nDg+CBnZDiNB9yaFbEw4Yu3yYCBpRjYQTtTyajZAlx/XIH8ZxjB/IvP
C0/as9vBuv0j8QO2DSHUlEHWvsyld4AXq+uT/piRlOKqOLsxfBaGGOOu8n9KMcJP
+m8a2BdrQKqa04ZSO9wI
=bDQq
-----END PGP SIGNATURE-----