Package strongswan: Information
Source package: strongswan
Version: 4.2.17-alt0.M50.1
Build time: Jul 23, 2009, 02:23 AM
Category: System/Servers
Report package bugHome page: http://www.strongswan.org
License: GPLv2+
Summary: StrongSWAN IPSEC implementation
Description:
FreeS/WAN is a free implementation of IPSEC & IKE for Linux. IPSEC is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up FreeS/WAN on a freeswan enabled kernel.
Maintainer: Michael Shigorin
Last changed
July 23, 2009 Michael Shigorin 4.2.17-alt0.M50.1
- 4.2.17 built for M50:
+ the RDN parser vulnerability discovered by Orange Labs research team
was not completely fixed in version 4.2.16. Some more modifications
had to be applied to the asn1_length() function.
- thanks crux@ for prompt notificationJune 23, 2009 Michael Shigorin 4.2.16-alt1
- 4.2.16 fixes DoS vulnerability in the ASN.1 parser; thanks crux@ for notification (closes: #20527)
May 28, 2009 Michael Shigorin 4.2.15-alt1
- 4.2.15 fixes two DoS issues with charon
+ sending a malformed IKE_SA_INIT request leaved an incomplete state
which caused a null pointer dereference if a subsequent
CREATE_CHILD_SA request was sent
+ sending an IKE_AUTH request with either a missing TSi or TSr payload
caused a null pointer derefence because the checks for TSi and TSr
were interchanged
+ patch2 unneeded (included upstream)
- thanks crux@ for heads-up (closes: #20206)