Skip to navigation

Security Advisory Moderate: quagga security update

Advisory: RHSA-2007:0389-3
Type: Security Advisory
Severity: Moderate
Issued on: 2007-05-30
Last updated on: 2007-05-30
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2007-1995

Details

An updated quagga package that fixes a security bug is now available for
Red Hat Enterprise Linux 3, 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Quagga is a TCP/IP based routing software suite.

An out of bounds memory read flaw was discovered in Quagga's bgpd. A
configured peer of bgpd could cause Quagga to crash, leading to a denial of
service (CVE-2007-1995).

All users of Quagga should upgrade to this updated package, which
contains a backported patch to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
quagga-0.98.6-2.1.0.1.el5.src.rpm
File outdated by:  RHBA-2013:0050
    MD5: 1d64841e5ed794a24d0f48733e707da9
 
IA-32:
quagga-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 2fdbeb14e9d3bb600ef45763a81fee22
quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 8702f9b15db3e6306e30e0868dd75bc0
 
x86_64:
quagga-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 0987ef5121437610bac02e48bd7891f5
quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 8702f9b15db3e6306e30e0868dd75bc0
quagga-devel-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 181cbfd3e861b349bdd53a0a61d83207
 
Red Hat Desktop (v. 4)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
quagga-0.98.6-2.1.0.1.el5.src.rpm
File outdated by:  RHBA-2013:0050
    MD5: 1d64841e5ed794a24d0f48733e707da9
 
IA-32:
quagga-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 2fdbeb14e9d3bb600ef45763a81fee22
quagga-contrib-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 35c3581f87e78cfbf18013bbba6232f9
quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 8702f9b15db3e6306e30e0868dd75bc0
 
IA-64:
quagga-0.98.6-2.1.0.1.el5.ia64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 02a41e3a5d0a6ed1e3ca1e5b46011556
quagga-contrib-0.98.6-2.1.0.1.el5.ia64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 1cd4315a4469a3724e63b280807ed52a
quagga-devel-0.98.6-2.1.0.1.el5.ia64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 032dd760b3b5b551699c71cd4ad87ef8
 
PPC:
quagga-0.98.6-2.1.0.1.el5.ppc.rpm
File outdated by:  RHBA-2013:0050
    MD5: 24577692f775a7850bb46f641f086902
quagga-contrib-0.98.6-2.1.0.1.el5.ppc.rpm
File outdated by:  RHBA-2013:0050
    MD5: 9231735a9c7b6de4e7d3aa9fd812347b
quagga-devel-0.98.6-2.1.0.1.el5.ppc.rpm
File outdated by:  RHBA-2013:0050
    MD5: 2307145b1626798732d713c09916c8e9
quagga-devel-0.98.6-2.1.0.1.el5.ppc64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 7809a9dac1124ea4c089e4779cc2d7ee
 
s390x:
quagga-0.98.6-2.1.0.1.el5.s390x.rpm
File outdated by:  RHBA-2013:0050
    MD5: 0fa9307e4687de388a339c7f51bf1766
quagga-contrib-0.98.6-2.1.0.1.el5.s390x.rpm
File outdated by:  RHBA-2013:0050
    MD5: 64b7271d19d4681d0e934a01152b0923
quagga-devel-0.98.6-2.1.0.1.el5.s390.rpm
File outdated by:  RHBA-2013:0050
    MD5: 5b4353f0b0eaf10a94572e9e2b3d7744
quagga-devel-0.98.6-2.1.0.1.el5.s390x.rpm
File outdated by:  RHBA-2013:0050
    MD5: 92efc3c0bd9f4846232685993f5a77e2
 
x86_64:
quagga-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 0987ef5121437610bac02e48bd7891f5
quagga-contrib-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: a5fba67b2fd29ed439d6797b2943e827
quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 8702f9b15db3e6306e30e0868dd75bc0
quagga-devel-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: 181cbfd3e861b349bdd53a0a61d83207
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
quagga-0.96.2-12.3E.src.rpm     MD5: 9b2a9057527aa3fac2e42e575023e435
 
IA-32:
quagga-0.96.2-12.3E.i386.rpm     MD5: 230805b62ca30d07e14e67d635335148
 
IA-64:
quagga-0.96.2-12.3E.ia64.rpm     MD5: 1e209b51d480b4312d1c585b5ec8f806
 
PPC:
quagga-0.96.2-12.3E.ppc.rpm     MD5: cc0d299da2e87780b0d4f5b7b9b053a5
 
s390:
quagga-0.96.2-12.3E.s390.rpm     MD5: 0103fdf597ee9156c92858450e1f820d
 
s390x:
quagga-0.96.2-12.3E.s390x.rpm     MD5: 19819ab069fea8e5e8019d0ff3c74296
 
x86_64:
quagga-0.96.2-12.3E.x86_64.rpm     MD5: dcb34f4e0fbb6cbab45f2ea206881bde
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
IA-64:
quagga-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 14d81325a5114e26f3646896cde2130e
quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: c37ccff3374018a0dde3dcf6bc61dde2
quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2b0fff551fa4e804af9c25030b90754c
 
PPC:
quagga-0.98.3-2.4.0.1.el4.ppc.rpm
File outdated by:  RHSA-2010:0785
    MD5: 3af09cc9f302463afc09f96119a1f7b2
quagga-contrib-0.98.3-2.4.0.1.el4.ppc.rpm
File outdated by:  RHSA-2010:0785
    MD5: 66c6c8307e1dbfc3cf398c87d02f7e00
quagga-devel-0.98.3-2.4.0.1.el4.ppc.rpm
File outdated by:  RHSA-2010:0785
    MD5: 46ddd45a20bf8e15c2dba2a6a6731c67
 
s390:
quagga-0.98.3-2.4.0.1.el4.s390.rpm
File outdated by:  RHSA-2010:0785
    MD5: 6b96e228ff8653fb48ce1b8be30840de
quagga-contrib-0.98.3-2.4.0.1.el4.s390.rpm
File outdated by:  RHSA-2010:0785
    MD5: 4467a1635138391d6a53d504c6ece04f
quagga-devel-0.98.3-2.4.0.1.el4.s390.rpm
File outdated by:  RHSA-2010:0785
    MD5: a28f266e2dd63271abdc1c4668f9792d
 
s390x:
quagga-0.98.3-2.4.0.1.el4.s390x.rpm
File outdated by:  RHSA-2010:0785
    MD5: b035e5d101ba52f6e4443ad54f4b1623
quagga-contrib-0.98.3-2.4.0.1.el4.s390x.rpm
File outdated by:  RHSA-2010:0785
    MD5: a2a88f9ab14a878c6afcda99eebb497e
quagga-devel-0.98.3-2.4.0.1.el4.s390x.rpm
File outdated by:  RHSA-2010:0785
    MD5: 1d7a63a44e1e448accbbeae44df09e88
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
Red Hat Enterprise Linux AS (v. 4.5.z)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
IA-64:
quagga-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: 14d81325a5114e26f3646896cde2130e
quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: c37ccff3374018a0dde3dcf6bc61dde2
quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: 2b0fff551fa4e804af9c25030b90754c
 
PPC:
quagga-0.98.3-2.4.0.1.el4.ppc.rpm     MD5: 3af09cc9f302463afc09f96119a1f7b2
quagga-contrib-0.98.3-2.4.0.1.el4.ppc.rpm     MD5: 66c6c8307e1dbfc3cf398c87d02f7e00
quagga-devel-0.98.3-2.4.0.1.el4.ppc.rpm     MD5: 46ddd45a20bf8e15c2dba2a6a6731c67
 
s390:
quagga-0.98.3-2.4.0.1.el4.s390.rpm     MD5: 6b96e228ff8653fb48ce1b8be30840de
quagga-contrib-0.98.3-2.4.0.1.el4.s390.rpm     MD5: 4467a1635138391d6a53d504c6ece04f
quagga-devel-0.98.3-2.4.0.1.el4.s390.rpm     MD5: a28f266e2dd63271abdc1c4668f9792d
 
s390x:
quagga-0.98.3-2.4.0.1.el4.s390x.rpm     MD5: b035e5d101ba52f6e4443ad54f4b1623
quagga-contrib-0.98.3-2.4.0.1.el4.s390x.rpm     MD5: a2a88f9ab14a878c6afcda99eebb497e
quagga-devel-0.98.3-2.4.0.1.el4.s390x.rpm     MD5: 1d7a63a44e1e448accbbeae44df09e88
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
quagga-0.98.6-2.1.0.1.el5.src.rpm
File outdated by:  RHBA-2013:0050
    MD5: 1d64841e5ed794a24d0f48733e707da9
 
IA-32:
quagga-contrib-0.98.6-2.1.0.1.el5.i386.rpm
File outdated by:  RHBA-2013:0050
    MD5: 35c3581f87e78cfbf18013bbba6232f9
 
x86_64:
quagga-contrib-0.98.6-2.1.0.1.el5.x86_64.rpm
File outdated by:  RHBA-2013:0050
    MD5: a5fba67b2fd29ed439d6797b2943e827
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
quagga-0.96.2-12.3E.src.rpm     MD5: 9b2a9057527aa3fac2e42e575023e435
 
IA-32:
quagga-0.96.2-12.3E.i386.rpm     MD5: 230805b62ca30d07e14e67d635335148
 
IA-64:
quagga-0.96.2-12.3E.ia64.rpm     MD5: 1e209b51d480b4312d1c585b5ec8f806
 
x86_64:
quagga-0.96.2-12.3E.x86_64.rpm     MD5: dcb34f4e0fbb6cbab45f2ea206881bde
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
IA-64:
quagga-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 14d81325a5114e26f3646896cde2130e
quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: c37ccff3374018a0dde3dcf6bc61dde2
quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2b0fff551fa4e804af9c25030b90754c
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
Red Hat Enterprise Linux ES (v. 4.5.z)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm     MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
IA-64:
quagga-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: 14d81325a5114e26f3646896cde2130e
quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: c37ccff3374018a0dde3dcf6bc61dde2
quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm     MD5: 2b0fff551fa4e804af9c25030b90754c
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm     MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
quagga-0.98.3-2.4.0.1.el4.src.rpm
File outdated by:  RHSA-2010:0785
    MD5: ba9b0798eb3bf412215607748ee78a93
 
IA-32:
quagga-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 7b4963d0556e751fab31a88aa97c0d91
quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8087fd89788ca76f61346afac21a5c57
quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm
File outdated by:  RHSA-2010:0785
    MD5: 98d12683e69ed1746a069cab3ed2ab8c
 
IA-64:
quagga-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 14d81325a5114e26f3646896cde2130e
quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: c37ccff3374018a0dde3dcf6bc61dde2
quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2b0fff551fa4e804af9c25030b90754c
 
x86_64:
quagga-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 77a22492b6a89183c6a9f11404efbebe
quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 8cbfe6680c938fdd4523cd4ff9aa73d6
quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm
File outdated by:  RHSA-2010:0785
    MD5: 2560f6a1a5d3fae597fd6d89ba6c978d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

240478 - CVE-2007-1995 Quagga bgpd DoS


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/