-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 Oct 2013 23:38:09 +0100
Source: quagga
Binary: quagga quagga-dbg quagga-doc
Architecture: s390
Version: 0.99.21-4+wheezy2
Distribution: wheezy-security
Urgency: high
Maintainer: s390/s390x Build Daemon (zappa) <buildd_s390x-zappa@buildd.debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols)
 quagga-doc - documentation files for quagga
Closes: 726724
Changes: 
 quagga (0.99.21-4+wheezy2) stable-security; urgency=high
 .
   * Applied a patch that fixes the following security issue:
     "ospfd: CVE-2013-2236, stack overrun in apiserver
 .
     the OSPF API-server (exporting the LSDB and allowing announcement of
     Opaque-LSAs) writes past the end of fixed on-stack buffers.  This leads
     to an exploitable stack overflow.
 .
     For this condition to occur, the following two conditions must be true:
     - Quagga is configured with --enable-opaque-lsa
     - ospfd is started with the "-a" command line option"
     Closes: #726724
Checksums-Sha1: 
 e6cce7e2932748bd495c88e88209bf6ccf4adac2 1781340 quagga_0.99.21-4+wheezy2_s390.deb
 3c3e0ac7a963d9a4f41647195eb5a7053be2be47 1862040 quagga-dbg_0.99.21-4+wheezy2_s390.deb
Checksums-Sha256: 
 4c557736738fc0c38552b7bba62d530c81f2680277bf58c59e321701f6ea5d7f 1781340 quagga_0.99.21-4+wheezy2_s390.deb
 381a47d5f84cbd80bdb6ab7e5c0e0ac9bb72bd47eee5690c2473027d6039917f 1862040 quagga-dbg_0.99.21-4+wheezy2_s390.deb
Files: 
 49817f8950405307d3cbfce912785fe0 1781340 net optional quagga_0.99.21-4+wheezy2_s390.deb
 570e71f9342bd1ac506b5c20408e2671 1862040 debug extra quagga-dbg_0.99.21-4+wheezy2_s390.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJSgWCHAAoJEH8TkHQJ1OqYu+EP/1OzetwmaSRtiVLfAE2njN3/
iPBzTX9huALxIetYEcUWAuJpFa8WqMc85sbq2Em+sQn5YhRlTwHKJ6QBQebl3plO
j8PpfGuh6X+cBVF2+q75h7Hsat+z6or3qwbdhZcoSc01UM1p/11wSoziGP91+E8U
YHIcM3pNffI/jnvPj15Fw4czoBJUfLf2EA4sxcRyB8ftNZJISN13NznZhQj4YB71
uPF4lOVyNaisr9ur+8nn/C7PoPa0Byc9CQAtPWGjxf80YKTKBkxbgbim7dmJnqHA
Jj1gsl0cKT05tz5EY4ITlHTWWVf7VAxNq0Kfn3+sNe/I//GKJfn2XgkU4rWOrXRj
yC3Iol8Ax1lIAIvOkFJIskkUgYSZFhggWuWvDN+zKkeN+/YLc6rPJGgOizvNFGek
c7FfXIstl5V+0T55DjEkDyTtiURyaHu8JC1WVz72q645r7wIB4VlHtRyittijDBH
dyTx7YBY7D2Au8jXLxRkHK7gC4CaWKO5SlilP58B2lHv2t27/RBIPswaz+ENyUoS
FggUe1msSkp/ZJ9/qS7ODHuLLgoCJMo4Qxt7pXReOJWfx7T7ZgRT3fEi/6XDk7vi
hFDd6i97hvS+anFKmrNUcVYfBjsOVpM6gSCeA9W4LnGfzMQhgFUdjBFDFqkadXF+
AWjZPP5BZra9hYleDej0
=jRDg
-----END PGP SIGNATURE-----