)]}'
{
  "commit": "1f54cef38dab072f1054c6cfedd9ac32af14a120",
  "tree": "6aceeb8772c8ba088b387d7fdcdc771899788fce",
  "parents": [
    "3d3380d4fda43924171bc0866746c85634952c99"
  ],
  "author": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 13:18:02 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:40:19 2011 +0400"
  },
  "message": "ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)\n\nThis vulnerability (CERT-FI #514838) was reported by CROSS project.\n\nThe error is reproducible only when ospfd debugging is enabled:\n  * debug ospf packet all\n  * debug ospf zebra\nWhen incoming packet header type field is set to 0x0a, ospfd will crash.\n\n* ospf_packet.c\n  * ospf_verify_header(): add type field check\n  * ospf_read(): perform input checks early\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "7227452a202a7027fdaffa59fd773d7ae258f39b",
      "old_mode": 33188,
      "old_path": "ospfd/ospf_packet.c",
      "new_id": "489b928c1cabc57754b480d7c18b4a17f99004fd",
      "new_mode": 33188,
      "new_path": "ospfd/ospf_packet.c"
    }
  ]
}