Re: L2TP/IPSec on Mac OSX stop working after openswan upgrade [with patches]

[Henrique de Moraes Holschuh]

On Tue, 29 Apr 2014, Liu DongMiao wrote:
 After checking the patch, I found the it's CVE-2013-6466.patch, it
 removes the compatible code for mac os x and ios, which use a bad
 draft. Now, I have fixed this, and test on mac os x and ios. However,
 I didn't test on other platform, such as linux, windows.

Did you test to make sure you did not reintroduce CVE-2013-6466?  While your
patch is simple, the patch that fixed CVE-2013-6466 is not and touched a lot
of code.  It was not immediately obvious -- at least to me -- that
reenabling the compatibiliy code will still work well after the changes done
to fix CVE-2013-6466.

-- 
  One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie. -- The Silicon Valley Tarot
  Henrique Holschuh


-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140501152337.gc2...@khazad-dum.debian.net

External check

[Raphael Geissert]

CVE-2014-0193: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the script was run.


-- 
To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/5361ed29.asdtzrgcwg3qqchh%atomo64+st...@gmail.com