Accepted strongswan 2.8.0+dfsg-1+etch2 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 22 Jul 2009 12:04:11 +0200
Source: strongswan
Binary: strongswan
Architecture: source i386
Version: 2.8.0+dfsg-1+etch2
Distribution: oldstable-security
Urgency: low
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Rene Mayrhofer <rmayr@debian.org>
Description:
strongswan - IPSec utilities for strongSwan
Changes:
strongswan (2.8.0+dfsg-1+etch2) oldstable-security; urgency=low
.
  Applied ASN.1 security fixes from strongswan upstream:
    * strongswan-2.x.x_asn1_length.patch: The RDN parser vulnerability
      discovered by Orange Labs research team was not completely fixed
      in version 2.8.10. Some more modifications had to be applied to the
      asn1_length() function.
    * strongswan-2.x.x_asn1_rdn.patch: Applying their fuzzing tool, the
      Orange Labs vulnerability research team found a Denial-of-Service
      vulnerability in the parsing of ASN.1 Relative Distinguished Names
      (RDNs). Malformed X.509 certificate RDNs can cause the pluto IKE daemon
      to crash and restart.
    * strongswan-2.x.x_asn1_time.patch: Applying their fuzzing tool, the
      Orange Labs vulnerability research team found a Denial-of-Service
      vulnerability in the parsing of ASN.1 UTCTIME and GENERALIZEDTIME strings.
      Malformed X.509 certificate time strings can cause the pluto IKE daemon
      to crash and restart.
Files:
6787c4f1c81bc390d2d4c5ef7cd1f004 811 net optional strongswan_2.8.0+dfsg-1+etch2.dsc
945cc03b76743138f14b9719a204fedb 58570 net optional strongswan_2.8.0+dfsg-1+etch2.diff.gz
3859569cbea184e01cb17158458a86e0 1054160 net optional strongswan_2.8.0+dfsg-1+etch2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkqS9ioACgkQq7SPDcPCS95sbwCgmJzi7dcPRY6RsuP8jpGv0I5i
kBsAnRhn09PVNldI0TyKP2RnI3d4chcu
=b5yQ
-----END PGP SIGNATURE-----
Accepted:
strongswan_2.8.0+dfsg-1+etch2.diff.gz
to pool/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.diff.gz
strongswan_2.8.0+dfsg-1+etch2.dsc
to pool/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.dsc
strongswan_2.8.0+dfsg-1+etch2_i386.deb
to pool/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_i386.deb