Debian 10169 Published by

Updated quagga packages has been released for Debian 7 LTS



Package : quagga
Version : 0.99.22.4-1+wheezy3+deb7u1
CVE ID : CVE-2016-1245
Debian Bug : 841162

It was discovered that there was stack overrun in IPv6 RA receive code in
quagga, a BGP/OSPF/RIP routing daemon.

The buffer size specified when receiving mixed up two constants that have
different values.

For Debian 7 "Wheezy", this issue has been fixed in quagga version
0.99.22.4-1+wheezy3+deb7u1.

We recommend that you upgrade your quagga packages.