[quagga-dev 10002] 0.99.21.1 coming up

David Lamparter equinox at opensourcerouting.org
Sat Nov 17 04:29:54 GMT 2012


Hi everyone,


I've just pushed a "stable/0.99.21" branch to Savannah git.  It contains
two fixes:
dde68f7 bgpd: CVE-2012-1820, DoS in bgp_capability_orf()
aaa964a lib: fix thread_cancel_event()

The thread_cancel_event fix warrants a 0.99.21.1 release, it seriously
breaks ospfd.  (The severity of this issue hasn't been apparent to me,
sadly.)  The bgp DoS only rides along, it's not actually a high-severity
problem, but e.g. Debian applies it anyway so we might as well include
it.

If anyone would like to see other seriously-important patches in this
release, please drop a mail, I'll wait for a few days.  It needs to be
"showstopper" level though.

(0.99.22 isn't far away though.)

Cheers,


-David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: Digital signature
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20121117/48db2c5e/attachment-0001.sig>


More information about the Quagga-dev mailing list