diff options
author | Timo Teräs <timo.teras@iki.fi> | 2016-10-19 06:17:43 +0000 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2016-10-19 06:20:53 +0000 |
commit | e4fed6b3b632ea33c27703d1557f82af5628ae32 (patch) | |
tree | 057d0361dc33e94694742bb467a01ad56305558d | |
parent | c1ee0fbf675db00123c18ab2703a51138b5a69dd (diff) | |
download | alpine_aports-e4fed6b3b632ea33c27703d1557f82af5628ae32.tar.bz2 alpine_aports-e4fed6b3b632ea33c27703d1557f82af5628ae32.tar.xz alpine_aports-e4fed6b3b632ea33c27703d1557f82af5628ae32.zip |
main/quagga: security upgrade to 1.0.20161017
CVE-2016-1245 Stack buffer overflow in zebra on Linux, if IPv6 and
IPv6 neighbour discovery router advertisements (SLAC) are enabled ("no
ipv6 nd suppress-ra"). Thanks to David Lamparter for reporting and
fixing this issue.
CVE-2016-4049 A controlled crash, leading to a DoS, in the BGP MRT
route dumping code, if a prefix had too many entries to write to one
record. Thanks to Evgeny Uskov for reporting and fixing this issue.
-rw-r--r-- | main/quagga/APKBUILD | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/main/quagga/APKBUILD b/main/quagga/APKBUILD index 48523f8bf3..ca3cfbd9df 100644 --- a/main/quagga/APKBUILD +++ b/main/quagga/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=quagga | 2 | pkgname=quagga |
3 | pkgver=1.0.20160315 | 3 | pkgver=1.0.20161017 |
4 | pkgrel=1 | 4 | pkgrel=0 |
5 | pkgdesc="A free routing daemon replacing Zebra supporting RIP, OSPF and BGP." | 5 | pkgdesc="A free routing daemon replacing Zebra supporting RIP, OSPF and BGP." |
6 | url="http://quagga.net/" | 6 | url="http://quagga.net/" |
7 | arch="all" | 7 | arch="all" |
@@ -12,7 +12,7 @@ install="$pkgname.pre-install $pkgname.post-install $pkgname.post-upgrade" | |||
12 | subpackages="$pkgname-dev $pkgname-doc $pkgname-dbg" | 12 | subpackages="$pkgname-dev $pkgname-doc $pkgname-dbg" |
13 | pkgusers="quagga" | 13 | pkgusers="quagga" |
14 | pkggroups="quagga" | 14 | pkggroups="quagga" |
15 | source="http://download.savannah.gnu.org/releases/quagga/quagga-$pkgver.tar.xz | 15 | source="http://download.savannah.gnu.org/releases/quagga/quagga-$pkgver.tar.gz |
16 | dont-hook-core-signals.patch | 16 | dont-hook-core-signals.patch |
17 | 17 | ||
18 | bgpd.initd | 18 | bgpd.initd |
@@ -23,7 +23,6 @@ source="http://download.savannah.gnu.org/releases/quagga/quagga-$pkgver.tar.xz | |||
23 | _builddir="$srcdir"/$pkgname-$pkgver | 23 | _builddir="$srcdir"/$pkgname-$pkgver |
24 | prepare() { | 24 | prepare() { |
25 | cd "$_builddir" | 25 | cd "$_builddir" |
26 | update_config_sub || return 1 | ||
27 | for i in $source; do | 26 | for i in $source; do |
28 | case $i in | 27 | case $i in |
29 | *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; | 28 | *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; |
@@ -71,17 +70,17 @@ package() { | |||
71 | install -Dm644 "$srcdir/zebra.confd" "$pkgdir"/etc/conf.d/zebra | 70 | install -Dm644 "$srcdir/zebra.confd" "$pkgdir"/etc/conf.d/zebra |
72 | install -o quagga -g quagga -d -m755 "$pkgdir"/etc/quagga | 71 | install -o quagga -g quagga -d -m755 "$pkgdir"/etc/quagga |
73 | } | 72 | } |
74 | md5sums="61bfd0c8fb696dd778234ee8b05821bc quagga-1.0.20160315.tar.xz | 73 | md5sums="35d83481b189ca55f82116ec147305fa quagga-1.0.20161017.tar.gz |
75 | 1224ba91ea6b6e81f583bad7813aba98 dont-hook-core-signals.patch | 74 | 1224ba91ea6b6e81f583bad7813aba98 dont-hook-core-signals.patch |
76 | 09a77e2e84e71c43f5a449738c026261 bgpd.initd | 75 | 09a77e2e84e71c43f5a449738c026261 bgpd.initd |
77 | 916f1dd1a286ee7b862cda4fe56cbf21 zebra.initd | 76 | 916f1dd1a286ee7b862cda4fe56cbf21 zebra.initd |
78 | 34e06a1d2bc602ce691abc9ed169dd15 zebra.confd" | 77 | 34e06a1d2bc602ce691abc9ed169dd15 zebra.confd" |
79 | sha256sums="d284af5dd875dbba90ab875d40db5d68fdc9ede17a76f2af525f85344be56767 quagga-1.0.20160315.tar.xz | 78 | sha256sums="8f26724ddb7419f3912f80ce8f13689190289e0022cf09921d0a403fd7714918 quagga-1.0.20161017.tar.gz |
80 | 4b71588e34ac14f8d6e72e6064b5e4ec302f286ebbe43df94c97411cceb66a23 dont-hook-core-signals.patch | 79 | 4b71588e34ac14f8d6e72e6064b5e4ec302f286ebbe43df94c97411cceb66a23 dont-hook-core-signals.patch |
81 | aab037454c6a70cd5cb45e14c47b7dfea358f8d81c7d12418edcf7e58a86c679 bgpd.initd | 80 | aab037454c6a70cd5cb45e14c47b7dfea358f8d81c7d12418edcf7e58a86c679 bgpd.initd |
82 | c1d7526581927e990e687cbd5d08447eb060f76a439475572785b5b90c60c460 zebra.initd | 81 | c1d7526581927e990e687cbd5d08447eb060f76a439475572785b5b90c60c460 zebra.initd |
83 | f7a52d383f60270a5a8fee5d4ac522c5c0ec2b7c4b5252cff54e260f32d9b323 zebra.confd" | 82 | f7a52d383f60270a5a8fee5d4ac522c5c0ec2b7c4b5252cff54e260f32d9b323 zebra.confd" |
84 | sha512sums="ad633d189017a2cef68cf1653b85e082a0dc4fe146720a985da8cdf2aa4c61f2df8a8339419c986e9d74aa88f7f7109bc6d0c13d9ff4904a23852cee3e112edc quagga-1.0.20160315.tar.xz | 83 | sha512sums="3f284b55c89ace6fb105a36211033db72dabec2ae0646ebaaaa3e5ddf6624e22fa2cde1c77ee1b9ee6c293048aec4faac65b1796fba7164ae683b223e1c1f30c quagga-1.0.20161017.tar.gz |
85 | 5ef5c5e6d70d991b33b13a062e25b6fbde395dceee36aea29384b0640a48d2957ed5f50d416a1f2f770bf69bae2340133e35b1114be7e1fa722eb6d3d021f37a dont-hook-core-signals.patch | 84 | 5ef5c5e6d70d991b33b13a062e25b6fbde395dceee36aea29384b0640a48d2957ed5f50d416a1f2f770bf69bae2340133e35b1114be7e1fa722eb6d3d021f37a dont-hook-core-signals.patch |
86 | 13b5b57e10df013bd2d931abc49bf76b8c4dee59dbceab22c9f151ccb988b2c5f7167f2909027d5e0f990b59da8de115667b02484aee9a67d347625700f6cacd bgpd.initd | 85 | 13b5b57e10df013bd2d931abc49bf76b8c4dee59dbceab22c9f151ccb988b2c5f7167f2909027d5e0f990b59da8de115667b02484aee9a67d347625700f6cacd bgpd.initd |
87 | 1638a4a64ffd066b1884f7e5a4243edab68739aabd83bd35ea8c9608af7b8623eece1d59fb08feead84e4386b6d1da4220764ccf5fd7f2a9959a8470d5cce86a zebra.initd | 86 | 1638a4a64ffd066b1884f7e5a4243edab68739aabd83bd35ea8c9608af7b8623eece1d59fb08feead84e4386b6d1da4220764ccf5fd7f2a9959a8470d5cce86a zebra.initd |