MGASA-2013-0310

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2013-0310.html
Import Source
https://advisories.mageia.org/MGASA-2013-0310.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2013-0310
Upstream
  • CVE-2013-2236
Published
2013-10-17T19:40:12Z
Modified
2026-04-16T06:26:29.463246397Z
Summary
Updated quagga packages fix CVE-2013-2236
Details

Updated quagga packages fix security vulnerability:

Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 (CVE-2013-2236).

Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.

References
Credits

Affected packages

Mageia:2 / quagga

Package

Name
quagga
Purl
pkg:rpm/mageia/quagga?arch=source&distro=mageia-2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.99.20.1-3.2.mga2

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2013-0310.json"

Mageia:3 / quagga

Package

Name
quagga
Purl
pkg:rpm/mageia/quagga?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.99.20.1-9.1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2013-0310.json"