)]}'
{
  "commit": "a1afbc6e1d56b06409de5e8d7d984d565817fd96",
  "tree": "a45dfa998baab938e8373950b7bf4c7af60f6dc1",
  "parents": [
    "3eca6f099d5a3aac0b66dfbf98fd8be84ea426b7"
  ],
  "author": {
    "name": "CROSS",
    "email": "info@codenomicon.com",
    "time": "Mon Sep 26 13:17:05 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:39:37 2011 +0400"
  },
  "message": "bgpd: CVE-2011-3327 (ext. comm. buffer overflow)\n\nThis vulnerability (CERT-FI #513254) was reported by CROSS project.\nThey have also suggested a fix to the problem, which was found\nacceptable.\n\nThe problem occurs when bgpd receives an UPDATE message containing\n255 unknown AS_PATH attributes in Path Attribute Extended Communities.\nThis causes a buffer overlow in bgpd.\n\n* bgp_ecommunity.c\n  * ecommunity_ecom2str(): perform size check earlier\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8d5fa741a882ddaab1355be3f3c1c85ef38f87dc",
      "old_mode": 33188,
      "old_path": "bgpd/bgp_ecommunity.c",
      "new_id": "e7eb0a07f7a112adbf63a6cbabd161476df99946",
      "new_mode": 33188,
      "new_path": "bgpd/bgp_ecommunity.c"
    }
  ]
}