A security flaw was found in the way Quagga bgpd daemon processed certain route metrics information. A configured BGP peer could use this flaw to send a BGP message with specially-crafted value of AS-path attribute, which would cause the bgpd daemon on all systems on the route the message travels to reset the BGP session.
This issue did NOT affect the versions of the quagga package, as shipped with Red Hat Enterprise Linux 4 and 5, as they did not include support for AS-Pathlimit feature yet. -- This issue affects the version of the quagga package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the quagga package, as shipped with Fedora release of 13 and 14.
Updated upstream version, addressing this: http://www.quagga.net/news2.php?y=2011&m=3&d=21#id1300723200
Created quagga tracking bugs for this issue Affects: fedora-all [bug 689852]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0406 https://rhn.redhat.com/errata/RHSA-2011-0406.html