)]}'
{
  "commit": "af143a26ef96ba9be7b9c0b151b7605e1c2c74cd",
  "tree": "52d988f2eb1ccaddec7a725ee30766593dfc1f6b",
  "parents": [
    "a1afbc6e1d56b06409de5e8d7d984d565817fd96"
  ],
  "author": {
    "name": "CROSS",
    "email": "info@codenomicon.com",
    "time": "Mon Sep 26 13:17:21 2011 +0400"
  },
  "committer": {
    "name": "Denis Ovsienko",
    "email": "infrastation@yandex.ru",
    "time": "Mon Sep 26 18:39:52 2011 +0400"
  },
  "message": "ospfd: CVE-2011-3326 (uknown LSA type segfault)\n\nThis vulnerability (CERT-FI #514837) was reported by CROSS project.\nThey have also suggested a fix to the problem, which was found\nacceptable.\n\nQuagga ospfd does not seem to handle unknown LSA types in a Link State\nUpdate message correctly. If LSA type is something else than one\nsupported\nby Quagga, the default handling of unknown types leads to an error.\n\n* ospf_flood.c\n  * ospf_flood(): check return value of ospf_lsa_install()\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "41661da2f46c44fe3523c84b0bf2dbdb78d4a682",
      "old_mode": 33188,
      "old_path": "ospfd/ospf_flood.c",
      "new_id": "fc0bbf1268bae846f4d6e661a119881101547bf0",
      "new_mode": 33188,
      "new_path": "ospfd/ospf_flood.c"
    }
  ]
}