)]}'
{
  "commit": "717750433839762d23a5f8d88fe0b4d57c8d490a",
  "tree": "aea292ef6dab658197d1df6c9a5bf3f3925013ad",
  "parents": [
    "61ab0301606053192f45c188bc48afc837518770"
  ],
  "author": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 13:18:02 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:46:54 2011 +0400"
  },
  "message": "ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)\n\nThis vulnerability (CERT-FI #514838) was reported by CROSS project.\n\nThe error is reproducible only when ospfd debugging is enabled:\n  * debug ospf packet all\n  * debug ospf zebra\nWhen incoming packet header type field is set to 0x0a, ospfd will crash.\n\n* ospf_packet.c\n  * ospf_verify_header(): add type field check\n  * ospf_read(): perform input checks early\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "57278788dc9958da122cfd1c526ca14e0daf628c",
      "old_mode": 33188,
      "old_path": "ospfd/ospf_packet.c",
      "new_id": "151ed32807a1e03d89ba7c2b5008add2ea043c36",
      "new_mode": 33188,
      "new_path": "ospfd/ospf_packet.c"
    }
  ]
}