diff options
| author |   Yue Tao <Yue.Tao@windriver.com> | 2014-07-28 04:15:03 -0400 |
|---|---|---|
| committer |   Joe MacDonald <joe_macdonald@mentor.com> | 2014-08-05 16:23:58 -0400 |
| commit | 71bb2dc7c3cbb41e3a566510d3ea20cb42eebb21 (patch) | |
| tree | bce3d564bc6e2c3df404850b763df1b35c9c0647 /meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb | |
| parent | 18bea207810b73828451a60f2d647c91f83d1883 (diff) | |
| download | meta-openembedded-contrib-71bb2dc7c3cbb41e3a566510d3ea20cb42eebb21.tar.gz | |
quagga: Security Advisory - quagga - CVE-2013-2236
Stack-based buffer overflow in the new_msg_lsa_change_notify function in
the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when
--enable-opaque-lsa and the -a command line option are used, allows
remote attackers to cause a denial of service (crash) via a large LSA.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2236
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb')
| -rw-r--r-- | meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb b/meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb index 0988b70eb0..596d703395 100644 --- a/meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb +++ b/meta-networking/recipes-protocols/quagga/quagga_0.99.21.bb @@ -7,6 +7,7 @@ SRC_URI += "file://0001-doc-fix-makeinfo-errors-and-one-warning.patch \ file://build-fix-extract.pl-for-cross-compilation.patch \ file://babel-close-the-stdout-stderr-as-in-other-daemons.patch \ file://work-with-new-readline.patch \ + file://0001-ospfd-CVE-2013-2236-stack-overrun-in-apiserver.patch \ " SRC_URI[quagga-0.99.21.md5sum] = "99840adbe57047c90dfba6b6ed9aec7f" |