Your message dated Sun, 27 Nov 2005 23:02:06 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#340584: fixed in ipsec-tools 1:0.6.3-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 24 Nov 2005 11:13:52 +0000
>From [EMAIL PROTECTED] Thu Nov 24 03:13:51 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org ([193.22.164.111]
helo=vserver151.vserver151.serverflex.de)
by spohr.debian.org with esmtp (Exim 4.50)
id 1EfF31-0003Fq-Og
for [EMAIL PROTECTED]; Thu, 24 Nov 2005 03:13:51 -0800
Received: from wlan-client-044.informatik.uni-bremen.de ([134.102.116.45]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1EfF30-0007PS-9Y
for [EMAIL PROTECTED]; Thu, 24 Nov 2005 12:13:50 +0100
Received: from jmm by localhost.localdomain with local (Exim 4.54)
id 1EfF2l-0001i0-Cz; Thu, 24 Nov 2005 12:13:35 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: CVE-2005-3732: Minor DoS vulnerabilities unveiled by the PROTOS IKE
test
suite
X-Mailer: reportbug 3.17
Date: Thu, 24 Nov 2005 12:13:35 +0100
X-Debbugs-Cc: Debian Security Team <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 134.102.116.45
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
Package: ipsec-tools
Severity: important
Tags: security
Like several other IKE implementations racoon is affected by some Denial-of-
Service vulnerabilities unveiled by the PROTOS test suite of some Finnish
researchers (http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp)
The issues found in racoon are rather insignificant and are fixed upstream
in 0.6.3. Please see
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
for a more detailed description.
This has been assigned CVE-2005-3732, please mention it in the changelog when
fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 340584-close) by bugs.debian.org; 28 Nov 2005 07:11:14 +0000
>From [EMAIL PROTECTED] Sun Nov 27 23:11:14 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1Egd1a-0007Cz-HC; Sun, 27 Nov 2005 23:02:06 -0800
From: Ganesan Rajagopal <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.60 $
Subject: Bug#340584: fixed in ipsec-tools 1:0.6.3-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 27 Nov 2005 23:02:06 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: ipsec-tools
Source-Version: 1:0.6.3-1
We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:
ipsec-tools_0.6.3-1.diff.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.6.3-1.diff.gz
ipsec-tools_0.6.3-1.dsc
to pool/main/i/ipsec-tools/ipsec-tools_0.6.3-1.dsc
ipsec-tools_0.6.3-1_i386.deb
to pool/main/i/ipsec-tools/ipsec-tools_0.6.3-1_i386.deb
ipsec-tools_0.6.3.orig.tar.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.6.3.orig.tar.gz
racoon_0.6.3-1_i386.deb
to pool/main/i/ipsec-tools/racoon_0.6.3-1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ganesan Rajagopal <[EMAIL PROTECTED]> (supplier of updated ipsec-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 28 Nov 2005 11:58:31 +0530
Source: ipsec-tools
Binary: racoon ipsec-tools
Architecture: source i386
Version: 1:0.6.3-1
Distribution: unstable
Urgency: low
Maintainer: Ganesan Rajagopal <[EMAIL PROTECTED]>
Changed-By: Ganesan Rajagopal <[EMAIL PROTECTED]>
Description:
ipsec-tools - IPsec tools for Linux
racoon - IPsec IKE keying daemon
Closes: 340584
Changes:
ipsec-tools (1:0.6.3-1) unstable; urgency=low
.
* New upstream release with fix for CVE-2005-3732 (closes: #340584).
Files:
c59fe9bdef850414d2832e8168bf0dd9 673 net extra ipsec-tools_0.6.3-1.dsc
1b37fbccd2f74a20af1e7967a580c521 914052 net extra ipsec-tools_0.6.3.orig.tar.gz
6f56f7581fe81ec3f54678ca41730a77 41115 net extra ipsec-tools_0.6.3-1.diff.gz
4db894e02e453e1471c47c757afdaad7 81282 net extra ipsec-tools_0.6.3-1_i386.deb
e013c76f334913ef10d805e7010b4502 308724 net extra racoon_0.6.3-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDiqg3FeACul2MEuoRAutTAKCqUc2jnwbFho5Ite8NgOx52xyExQCeLtTD
ameKRxyvJ7wEa9BF1z58KjE=
=u2xs
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
