CLSA-2026:1778170790

[CLSA-2026:1778170790] quagga: Fix of CVE-2018-5381

Type:

security

Severity:

Important

Release date:

2026-05-08 11:37:43 UTC

Description:

- CVE-2018-5381: bgpd capability parser can enter an infinite loop on
  invalid OPEN messages whose Multi-Protocol capability has an
  unrecognized AFI/SAFI, causing a denial of service.

Updated packages:

quagga-0.99.15-14.el6.tuxcare.els3.x86_64.rpm
sha:dbfe193e80869ed02c54e1b1bb0b850ec37cb348e52c8d7f395680618292ff4e
quagga-contrib-0.99.15-14.el6.tuxcare.els3.x86_64.rpm
sha:ad2f160cd0c37478b141acf18fa648f0b756edd1185fca7a666d5f45201c119b
quagga-devel-0.99.15-14.el6.tuxcare.els3.i686.rpm
sha:e294950864dad8f4a4653ba9799573bb080ca7e26d520e7d7e4a3702e5d3b9d2
quagga-devel-0.99.15-14.el6.tuxcare.els3.x86_64.rpm
sha:f40d434fbcddf14fa2316b15b81cb339fb35c5eeea1ace2171e9377117bbe583

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.