Update for ImageMagick, ImageMagick.256, Mozilla... security low

quagga: remote denial of service

This security update of quagga fixes:
- CVE-2010-1674: Direct BGP peers can send malformed
extended communities which lead to a NULL pointer
dereference.
- CVE-2010-1675: A malformed AS_PATHLIMIT path attribute
will cause a session reset in Quagga. This malformed
package is forwarded by other routers and can be used to
take "all" Quagga routers off the Internet with one
single announcement.

Fixed bugs
bnc#654270
VUL-0: quagga: Malformed extended communities and AS_PATHLIMIT DoS
CVE#CVE-2010-1674
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.
CVE#CVE-2010-1675
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
Selected Binaries
openSUSE Build Service is sponsored by