)]}'
{
  "commit": "94431dbc753171b48b5c6806af97fd690813b00a",
  "tree": "463b917f9f80236be01e4502863b34ae2d52b53d",
  "parents": [
    "a0bf59bcac8b40c3f83e7f2e7f65087ece6acfc7"
  ],
  "author": {
    "name": "CROSS",
    "email": "info@codenomicon.com",
    "time": "Mon Sep 26 13:17:05 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:46:16 2011 +0400"
  },
  "message": "bgpd: CVE-2011-3327 (ext. comm. buffer overflow)\n\nThis vulnerability (CERT-FI #513254) was reported by CROSS project.\nThey have also suggested a fix to the problem, which was found\nacceptable.\n\nThe problem occurs when bgpd receives an UPDATE message containing\n255 unknown AS_PATH attributes in Path Attribute Extended Communities.\nThis causes a buffer overlow in bgpd.\n\n* bgp_ecommunity.c\n  * ecommunity_ecom2str(): perform size check earlier\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8d91c7463850f3a35638faf4a6edc679e5216d04",
      "old_mode": 33188,
      "old_path": "bgpd/bgp_ecommunity.c",
      "new_id": "440c15a4054c91fff1d52f1a7d892cc5712206a0",
      "new_mode": 33188,
      "new_path": "bgpd/bgp_ecommunity.c"
    }
  ]
}