From Quagga 0.99.9 release notes: This release fixes two potential DoS conditions in bgpd, reported by Mu Security, where a bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this, hence we consider these issues to be very low impact. http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760 CVS commits referencing this issue: http://cvs.quagga.net/cgi-bin/viewcvs.cgi/quagga/bgpd/bgp_attr.c.diff?r1=1.23&r2=1.24&diff_format=h http://cvs.quagga.net/cgi-bin/viewcvs.cgi/quagga/bgpd/bgp_community.c.diff?r1=1.7&r2=1.8&diff_format=h
Relevant git changeset: [1] http://code.quagga.net/?p=quagga.git;a=commit;h=b2ceea18074ab8cca894051a3fbc30c312e3acc6
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0785 https://rhn.redhat.com/errata/RHSA-2010-0785.html
All z-stream children bugs have been closed, futue tracking bugs still open, parent is no longer needed.