This bug was fixed in the package openswan - 1:2.4.9+dfsg-1ubuntu0.1
---------------
openswan (1:2.4.9+dfsg-1ubuntu0.1) hardy-security; urgency=low
  * SECURITY UPDATE: symlink attack through predictable filenames in /tmp
    - debian/patches/02-fix-unsecure-tmp-file.dpatch: change
      programs/livetest/livetest.in to use mktemp for temporary file creation.
      Patch taken from Debian openswan 1:2.4.12+dfsg-1.3 package.
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374
  * SECURITY UPDATE: denial of service attack via malicious Dead Peer Detection
    packet
    - debian/patches/03-CVE-2009-0790.dpatch: adjust programs/pluto/demux.c to
      check for a possible NULL value. Patch taken from Debian openswan
      1:2.4.12+dfsg-1.3+lenny1 package.
    - CVE-2009-0790
  * SECURITY UPDATE: denial of service attack via specially crafted X.509
    certificate
    - debian/patches/04-CVE-2009-2185.dpatch: create include/oswtime.h and
      modify programs/pluto/asn1.c as well as lib/libopenswan/optionsfrom.c to
      do proper checks on certificate objects length. Patch taken from Debian
      openswan 1:2.4.12+dfsg-1.3+lenny2 package.
    - CVE-2009-2185
  * SECURITY UPDATE: denial of service attack via deliberately interrupted
    IPSec connection attempt
    - debian/patches/05-2.4.9-CVE-2011-4073.dpatch: change
      programs/pluto/ikev1_continuations.h and programs/pluto/ikev1_quick.c to
      check for vanished ISAKMP SA in Quick Mode negotiation. Patch taken from
      Debian openswan 1:2.4.12+dfsg-1.3+lenny3 package and slightly modified.
    - CVE-2011-4073
    (LP: #917754)
 -- Harald Jenny <[email protected]>  Tue, 17 Jan 2012 16:53:31 +0100
** Changed in: openswan (Ubuntu Hardy)
       Status: New => Fix Released
** Bug watch added: Debian Bug tracker #496374
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0790
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-2185
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4073
--
https://bugs.launchpad.net/bugs/917754
Title:
  Multiple security vulnerabilities in openswan package