Overview

File _patchinfo of Package patchinfo.7806

<patchinfo incident="7806">
  <issue id="1079801" tracker="bnc">EMU: VUL-0: CVE-2018-5381: quagga: bgpd infinite loop</issue>
  <issue id="1065641" tracker="bnc">VUL-0: CVE-2017-16227: quagga: denial of service via specially crafted BGP UPDATE messages</issue>
  <issue id="1079800" tracker="bnc">EMU: VUL-1: CVE-2018-5380: quagga: bgpd code-to-string conversion tables overrun</issue>
  <issue id="1079798" tracker="bnc">EMU: VUL-0: CVE-2018-5378: quagga: bgpd bounds check issue via attribute length</issue>
  <issue id="1079799" tracker="bnc">EMU: VUL-0: CVE-2018-5379: quagga: bgpd double free when processing UPDATE message</issue>
  <issue id="2017-16227" tracker="cve" />
  <issue id="2018-5381" tracker="cve" />
  <issue id="2018-5380" tracker="cve" />
  <issue id="2018-5378" tracker="cve" />
  <issue id="2018-5379" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>mtomaschewski</packager>
  <description>This update for quagga fixes the following issues:

- CVE-2017-16227: Fixed bgpd DoS via specially crafted BGP UPDATE messages (boo#1065641)
- CVE-2018-5378: Fixed bgpd bounds check issue via attribute length (Quagga-2018-0543,boo#1079798)
- CVE-2018-5379: Fixed bgpd double free when processing UPDATE message (Quagga-2018-1114,boo#1079799)
- CVE-2018-5380: Fixed bgpd code-to-string conversion tables overrun (Quagga-2018-1550,boo#1079800)
- CVE-2018-5381: Fixed bgpd infinite loop on certain invalid OPEN messages (Quagga-2018-1975,boo#1079801)
</description>
  <summary>Security update for quagga</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places