Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemonimplements the BGP (Border Gateway Protocol) routing protocol.A denial of service flaw was found in the way the Quagga bgpd daemonprocessed certain route metrics information. A BGP message with aspecially-crafted path limit attribute would cause the bgpd daemon to resetits session with the peer through which this message was received.(CVE-2010-1675)A NULL pointer dereference flaw was found in the way the Quagga bgpd daemonprocessed malformed route extended communities attributes. A configured BGPpeer could crash bgpd on a target system via a specially-crafted BGPmessage. (CVE-2010-1674)Users of quagga should upgrade to these updated packages, which containbackported patches to correct these issues. After installing the updatedpackages, the bgpd daemon must be restarted for the update to take effect.