Description: | It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to disrupt BGP sessions, resulting in a denial of service. This update removes AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10 |