New commits:
commit 4bf8638566f5904ee75926e925b0ad6818a8124b
Author: Paul Wouters <[email protected]>
Date: Sun Aug 23 13:39:33 2015 -0400
updated changes
commit d96ddc2a9346dadb96ecac778a45eebeebe978c2
Author: Paul Wouters <[email protected]>
Date: Mon Jun 8 17:04:13 2015 -0400
pluto/whack: add support for --impair-send-zero-gx
commit 0b0ce1116a9cbf0a7b7b6c838553af49f7dd6b41
Author: Paul Wouters <[email protected]>
Date: Sun Aug 23 13:27:36 2015 -0400
testing: Added ikev2-45-impair-gx to test for CVE-2015-3240
commit 8739b98928d2da2e818568c562b0f4744462bf1e
Author: D. Hugh Redelmeier <[email protected]>
Date: Sun Aug 23 13:23:01 2015 -0400
CVE-2015-3240: DoS when receiving a bad DH gx by peer
NSS returns NULL when g^x from peer is bad (eg 0) but libreswan
did not account for this and would passert() and restart.
Handle the case and return an error to the peer instead.
Signed-off-by: Paul Wouters <[email protected]>
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
