Stay Secure with the Latest Linux Advisories

security advisoryhigh severityfedora

Fedora 24 Quagga Update: CVE-2017-5495 High Severity Buffer Overflow

Fix for CVE-2017-5495. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-ba9c6a3634 2017-02-24 18:39:41.039018 -------------------------------------------------------------------------------- Name : quagga Product : Fedora 24 Version : 0.99.24.1 Release : 5.fc24 URL : Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2017-5495 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416017 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1416017 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu 16.04 enhances openvpn to mitigate CVE-2020-15078 critical vulnerability with improved stability.. Fedora Quagga Update, Buffer Overflow Fix, Security Advisory High. . LinuxSecurity.com Team

Feb 24, 2017 Fedora