)]}'
{
  "commit": "6b161fc12a15aba8824c84d1eb38e529aaf70769",
  "tree": "abd6c391a491495c70203420e5d91dbcdf282383",
  "parents": [
    "94431dbc753171b48b5c6806af97fd690813b00a"
  ],
  "author": {
    "name": "CROSS",
    "email": "info@codenomicon.com",
    "time": "Mon Sep 26 13:17:21 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:46:28 2011 +0400"
  },
  "message": "ospfd: CVE-2011-3326 (uknown LSA type segfault)\n\nThis vulnerability (CERT-FI #514837) was reported by CROSS project.\nThey have also suggested a fix to the problem, which was found\nacceptable.\n\nQuagga ospfd does not seem to handle unknown LSA types in a Link State\nUpdate message correctly. If LSA type is something else than one\nsupported\nby Quagga, the default handling of unknown types leads to an error.\n\n* ospf_flood.c\n  * ospf_flood(): check return value of ospf_lsa_install()\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "77f2e161127a85cc77f42202c14cf452c437f0d0",
      "old_mode": 33188,
      "old_path": "ospfd/ospf_flood.c",
      "new_id": "004ed1a77ab667e9711c97c434fe1d2518a9bb75",
      "new_mode": 33188,
      "new_path": "ospfd/ospf_flood.c"
    }
  ]
}