Your message dated Fri, 02 Jun 2023 23:04:29 +0000
with message-id <e1q5dor-007o4q...@fasolo.debian.org>
and subject line Bug#1035542: fixed in libreswan 4.10-2+deb12u1
has caused the Debian Bug report #1035542,
regarding libreswan: CVE-2023-30570: Incorrect aggressive mode interaction
causes the pluto daemon to crash
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1035542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035542
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libreswan
Version: 4.10-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/libreswan/libreswan/issues/1039
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for libreswan.
CVE-2023-30570[0]:
| Incorrect aggressive mode interaction causes the pluto daemon to
| crash
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-30570
https://www.cve.org/CVERecord?id=CVE-2023-30570
[1] https://github.com/libreswan/libreswan/issues/1039
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libreswan
Source-Version: 4.10-2+deb12u1
Done: Daniel Kahn Gillmor <d...@fifthhorseman.net>
We believe that the bug you reported is fixed in the latest version of
libreswan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1035...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <d...@fifthhorseman.net> (supplier of updated libreswan
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 02 Jun 2023 18:15:28 -0400
Source: libreswan
Architecture: source
Version: 4.10-2+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Changed-By: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Closes: 1035542
Changes:
libreswan (4.10-2+deb12u1) bookworm; urgency=medium
.
* Fix CVE-2023-30570 (Closes: #1035542)
Checksums-Sha1:
54c49e3096cbe059265bc664a6a0aafe176c45ad 2079 libreswan_4.10-2+deb12u1.dsc
d588b3f3088a90b73ea94e908f1630ebab162319 17496
libreswan_4.10-2+deb12u1.debian.tar.xz
8eb33a453e45901e39433db13e22c1e3bb7de54f 11267
libreswan_4.10-2+deb12u1_amd64.buildinfo
Checksums-Sha256:
e62a43e675bff3fd107b497ad87b5754b26d8f978c4330be456c8a1eb679c52c 2079
libreswan_4.10-2+deb12u1.dsc
cd143808f2a6495fd413479ae4dabfa97a8188d609c9462f0808728ca2ca1c2c 17496
libreswan_4.10-2+deb12u1.debian.tar.xz
172ee1fa13c04aa7933383256d08bcef9ab0ca3eec0438dd4541b955ea462c61 11267
libreswan_4.10-2+deb12u1_amd64.buildinfo
Files:
b5f3081895fd13e7b125ce5008618afa 2079 net optional libreswan_4.10-2+deb12u1.dsc
97a925f517ddc4d45216cb4c83a0e43b 17496 net optional
libreswan_4.10-2+deb12u1.debian.tar.xz
e9b26ec85d74df114173b9f164e4d1ed 11267 net optional
libreswan_4.10-2+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCZHpyUQAKCRA+nXFzcd5W
XAnXAP9fWuZynlrT3eICdXgs1Lq7wUgYSBs7E1pQfOZp025vFwD+OgteH3lQuDZ6
pbmCuUkxVSgawWz8IdrqNNH9ZLzKLAg=
=saAl
-----END PGP SIGNATURE-----
--- End Message ---
