summaryrefslogtreecommitdiffstats
path: root/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
diff options
context:
space:
mode:
authorFabrice Fontaine <fontaine.fabrice@gmail.com>2018-12-01 21:40:47 +0100
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>2018-12-01 22:47:01 +0100
commit3ab5fd69bcfc942d307dc7330aa9c8b9afc5b13d (patch)
tree8ec0b045ae92780861a3d1182b647e57bc014e1d /package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
parenta6dc02327a5088c89413174b90d562ef1ca345ca (diff)
downloadbuildroot-3ab5fd69bcfc942d307dc7330aa9c8b9afc5b13d.tar.gz
buildroot-3ab5fd69bcfc942d307dc7330aa9c8b9afc5b13d.zip
package/quagga: bump to version 1.2.3
- Remove all patches except the first one as they are already in this version - Remove AUTORECONF = YES as we're not patching any *.ac files anymore - Disable new nhrpd option - Add hash for license file Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Diffstat (limited to 'package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch')
-rw-r--r--package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch43
1 files changed, 0 insertions, 43 deletions
diff --git a/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch b/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
deleted file mode 100644
index 0a06da9330..0000000000
--- a/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From ce07207c50a3d1f05d6dd49b5294282e59749787 Mon Sep 17 00:00:00 2001
-From: Paul Jakma <paul@jakma.org>
-Date: Sat, 6 Jan 2018 21:20:51 +0000
-Subject: [PATCH] bgpd/security: fix infinite loop on certain invalid OPEN
- messages
-
-Security issue: Quagga-2018-1975
-See: https://www.quagga.net/security/Quagga-2018-1975.txt
-
-* bgpd/bgp_packet.c: (bgp_capability_msg_parse) capability parser can infinite
- loop due to checks that issue 'continue' without bumping the input
- pointer.
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- bgpd/bgp_packet.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
-index b3d601fc..f9338d8d 100644
---- a/bgpd/bgp_packet.c
-+++ b/bgpd/bgp_packet.c
-@@ -2328,7 +2328,8 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
-
- end = pnt + length;
-
-- while (pnt < end)
-+ /* XXX: Streamify this */
-+ for (; pnt < end; pnt += hdr->length + 3)
- {
- /* We need at least action, capability code and capability length. */
- if (pnt + 3 > end)
-@@ -2416,7 +2417,6 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
- zlog_warn ("%s unrecognized capability code: %d - ignored",
- peer->host, hdr->code);
- }
-- pnt += hdr->length + 3;
- }
- return 0;
- }
---
-2.11.0
-
OpenPOWER on IntegriCloud