Mandrake Security Advisory MDVSA-2009:109 (quagga)

The remote host is missing an update to quagga announced via advisory MDVSA-2009:109.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error (CVE-2009-1572). Updated packages are available that bring Quagga to version 0.99.12 which provides numerous bugfixes over the previous 0.99.9 version, and also corrects this issue. Affected: Corporate 4.0