Upstream has announced version 1.2.3 on February 15: http://openwall.com/lists/oss-security/2018/02/15/4 It fixes several security issues. Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Apparently these issues have CVEs, they were just missing from the upstream advisories. Debian has issued an advisory for this on February 15: https://www.debian.org/security/2018/dsa-4115
Status comment: (none) => Fixed upstream in 1.2.3 and Debian has patchesSummary: quagga new security issues fixed upstream in 1.2.3 => quagga new security issues fixed upstream in 1.2.3 (CVE-2018-537[89] and CVE-2018-538[01])
Ubuntu has as well: https://usn.ubuntu.com/usn/usn-3573-1/
Assignee: bugsquad => pkg-bugsSeverity: normal => majorCC: (none) => jackal.j
CVE: (none) => CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381CC: (none) => smelrorAssignee: pkg-bugs => smelror
quagga-1.2.3-1.mga7 uploaded for Cauldron by Stig-Ørjan.
Whiteboard: MGA6TOO => (none)Version: Cauldron => 6
Advisory ======== This is an update to fix several security issues. 1. CVE-2018-5379: Fix double free of unknown attribute 2. CVE-2018-5380: debug print of received NOTIFY data can over-read msg array 3. CVE-2018-5381: fix infinite loop on certain invalid OPEN messages References ========== 1. https://www.quagga.net/security/Quagga-2018-1114.txt 2. https://www.quagga.net/security/Quagga-2018-1550.txt 3. https://www.quagga.net/security/Quagga-2018-1975.txt Files ===== The following files has been uploaded to core/updates_testing: quagga-0.99.24.1-6.1.mga6 lib64quagga0-0.99.24.1-6.1.mga6 lib64quagga-devel-0.99.24.1-6.1.mga6 quagga-contrib-0.99.24.1-6.1.mga6 from quagga-0.99.24.1-6.1.mga6.src.rpm
Assignee: smelror => qa-bugs
Make sure you include the DSA or Ubuntu advisory in the references, otherwise we have no source for the CVEs.
Advisory ======== This is an update to fix several security issues. 1. CVE-2018-5379: Fix double free of unknown attribute 2. CVE-2018-5380: debug print of received NOTIFY data can over-read msg array 3. CVE-2018-5381: fix infinite loop on certain invalid OPEN messages References ========== 1. https://nvd.nist.gov/vuln/detail/CVE-2018-5379 2. https://nvd.nist.gov/vuln/detail/CVE-2018-5380 3. https://nvd.nist.gov/vuln/detail/CVE-2018-5381 1. https://www.quagga.net/security/Quagga-2018-1114.txt 2. https://www.quagga.net/security/Quagga-2018-1550.txt 3. https://www.quagga.net/security/Quagga-2018-1975.txt Files ===== The following files has been uploaded to core/updates_testing: quagga-0.99.24.1-6.1.mga6 lib64quagga0-0.99.24.1-6.1.mga6 lib64quagga-devel-0.99.24.1-6.1.mga6 quagga-contrib-0.99.24.1-6.1.mga6 from quagga-0.99.24.1-6.1.mga6.src.rpm
Advisory ======== This is an update to fix several security issues. 1. CVE-2018-5379: Fix double free of unknown attribute 2. CVE-2018-5380: debug print of received NOTIFY data can over-read msg array 3. CVE-2018-5381: fix infinite loop on certain invalid OPEN messages References ========== https://www.debian.org/security/2018/dsa-4115 1. https://nvd.nist.gov/vuln/detail/CVE-2018-5379 2. https://nvd.nist.gov/vuln/detail/CVE-2018-5380 3. https://nvd.nist.gov/vuln/detail/CVE-2018-5381 1. https://www.quagga.net/security/Quagga-2018-1114.txt 2. https://www.quagga.net/security/Quagga-2018-1550.txt 3. https://www.quagga.net/security/Quagga-2018-1975.txt Files ===== The following files has been uploaded to core/updates_testing: quagga-0.99.24.1-6.1.mga6 lib64quagga0-0.99.24.1-6.1.mga6 lib64quagga-devel-0.99.24.1-6.1.mga6 quagga-contrib-0.99.24.1-6.1.mga6 from quagga-0.99.24.1-6.1.mga6.src.rpm
Mageia 6 :: x86_64 Tested several times before, e.g. bug #19619. Referring to bug #6512 for a test procedure. Installed the four packages then edited the configuration files in /etc/quagga/. # systemctl start zebra.service # systemctl start babeld.service Failed to start babeld.service: Unit babeld.service not found. # systemctl start bgpd # systemctl start ospfd # systemctl start ripngd # systemctl start ripd # systemctl start isisd # watchquagga -d zebra bgpd ospfd ripngd ripd ospf6d isisd # journalctl | grep watchquagga ....... Feb 19 11:07:38 difda watchquagga[19923]: zebra state -> up : connect succeeded Feb 19 11:07:55 difda watchquagga[19923]: bgpd state -> up : connect succeeded Feb 19 11:08:06 difda watchquagga[19923]: ripd state -> up : connect succeeded Feb 19 11:08:11 difda watchquagga[19923]: ripngd state -> up : connect succeeded Feb 19 11:09:11 difda watchquagga[19923]: ospfd state -> up : connect succeeded Feb 19 11:11:47 difda watchquagga[21641]: Could not lock pid_file /run/quagga/watchquagga.pid, exiting # systemctl stop isisd # systemctl restart zebra # journalctl | grep watchquagga ....... Feb 19 11:07:38 difda watchquagga[19923]: zebra state -> up : connect succeeded Feb 19 11:07:55 difda watchquagga[19923]: bgpd state -> up : connect succeeded Feb 19 11:08:06 difda watchquagga[19923]: ripd state -> up : connect succeeded Feb 19 11:08:11 difda watchquagga[19923]: ripngd state -> up : connect succeeded Feb 19 11:09:11 difda watchquagga[19923]: ospfd state -> up : connect succeeded # netstat -tapnl | grep ':26' tcp 0 0 0.0.0.0:2604 0.0.0.0:* LISTEN 29651/ospfd tcp 0 0 0.0.0.0:2605 0.0.0.0:* LISTEN 29652/bgpd tcp 0 0 0.0.0.0:2601 0.0.0.0:* LISTEN 29640/zebra tcp 0 0 0.0.0.0:2602 0.0.0.0:* LISTEN 29649/ripd tcp 0 0 0.0.0.0:2603 0.0.0.0:* LISTEN 29648/ripngd tcp6 0 0 :::2604 :::* LISTEN 29651/ospfd tcp6 0 0 :::2605 :::* LISTEN 29652/bgpd tcp6 0 0 :::2601 :::* LISTEN 29640/zebra tcp6 0 0 :::2602 :::* LISTEN 29649/ripd tcp6 0 0 :::2603 :::* LISTEN 29648/ripngd # systemctl start ospf6d # journalctl | grep watchquagga Feb 19 11:56:44 difda watchquagga[19923]: ospf6d state -> up : connect succeeded Switched to user. Logged in to zebra. $ telnet localhost 2601 bash: telnet: command not found $ sudo urpmi netkit-telnet $ telnet localhost 2601 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Hello, this is Quagga (version 0.99.24.1). Copyright 1996-2005 Kunihiro Ishiguro, et al. User Access Verification Password: difda> list show version list exit ..... difda> show version Quagga 0.99.24.1 (difda). Copyright 1996-2005 Kunihiro Ishiguro, et al. configured with: --build=x86_64-mageia-linux-gnu --prefix=/usr --exec-prefix=/usr --bindir=/us ............. difda> show ip mroute Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, > - selected route, * - FIB route C>* 127.0.0.0/8 is directly connected, lo C>* 192.168.1.0/24 is directly connected, enp3s0 On to IPv6: $ telenet ::1 2602 bash: telenet: command not found [lcl@difda ~]$ telnet ::1 2602 Trying ::1... Connected to ::1. Hello, this is Quagga (version 0.99.24.1). Copyright 1996-2005 Kunihiro Ishiguro, et al. User Access Verification Password: ripd> list .............. ripd> show history list ripd> quit $ telnet ::1 2604 ................ ospfd> show ip ospf route No OSPF routing information exist ospfd> exit $ telnet localhost 2606 ospf6d@plant# show ip access-list OSPF6: Zebra IP access list access4 permit 127.0.0.1/32 ospf6d@plant# show ipv6 ospf6 OSPFv3 Routing Process (0) with Router-ID 255.1.1.1 Running 01:15:27 Initial SPF scheduling delay 200 millisec(s) Minimum hold time between consecutive SPFs 1000 millsecond(s) Maximum hold time between consecutive SPFs 10000 millsecond(s) Hold time multiplier is currently 1 SPF algorithm has not been run$ SPF timer is inactive Number of AS scoped LSAs is 0 Number of areas in this router is 1 Area 0.0.0.0 Number of Area scoped LSAs is 0 Interface attached to this area: fxp0 This is good enough for 64 bit.
Whiteboard: (none) => MGA6-64-OKCC: (none) => tarazed25
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0133.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVEDCC: (none) => tmb