Debian Bug report logs -
#528933
CVE-2009-1632: Multiple memory leaks in Ipsec-tools before 0.7.2
Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>
Date: Sat, 16 May 2009 13:36:07 UTC
Severity: grave
Tags: patch, security
Found in version ipsec-tools/1:0.7.1-1.4
Fixed in versions ipsec-tools/1:0.7.1-1.5, ipsec-tools/1:0.7.1-1.3+lenny2, ipsec-tools/1:0.6.6-3.1etch4
Done: Nico Golde <nion@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Ganesan Rajagopal <rganesan@debian.org>:
Bug#528933; Package ipsec-tools.
(Sat, 16 May 2009 13:36:09 GMT) (full text, mbox, link).
Acknowledgement sent
to Giuseppe Iuculano <giuseppe@iuculano.it>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Ganesan Rajagopal <rganesan@debian.org>.
(Sat, 16 May 2009 13:36:09 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: ipsec-tools
Version: 1:0.7.1-1.4
Severity: important
Tags: security patch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for ipsec-tools.
CVE-2009-1632[0]:
| Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote
| attackers to cause a denial of service (memory consumption) via
| vectors involving (1) signature verification during user
| authentication with X.509 certificates, related to the
| eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2)
| the NAT-Traversal (aka NAT-T) keepalive implementation, related to
| src/racoon/nattraversal.c.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For the moment set only important as severity because 1:0.7.1-1.4 needs to
migrate in testing, and I don't know if an RC bug could interfere.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
http://security-tracker.debian.net/tracker/CVE-2009-1632
http://marc.info/?l=oss-security&m=124101704828036&w=2
Patches:
http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=h
http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=h
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoOwQkACgkQNxpp46476apwggCeOsGCHxZDseuTaVSqy8cxcXRa
SJgAn2CKMUqdfUBs9y30R2puUlh4fwpu
=oQ8G
-----END PGP SIGNATURE-----
Information forwarded
to debian-bugs-dist@lists.debian.org, Ganesan Rajagopal <rganesan@debian.org>:
Bug#528933; Package ipsec-tools.
(Tue, 19 May 2009 11:39:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Ganesan Rajagopal <rganesan@debian.org>.
(Tue, 19 May 2009 11:39:06 GMT) (full text, mbox, link).
Message #10 received at 528933@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi,
given the long history of NMUs for this package...
... attached is a patch for a 0-day NMU fixing this
vulnerability.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[ipsec-tools-0.7.1-1.4_0.7.1-1.5.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]
Severity set to `grave' from `important'
Request was from Nico Golde <nion@debian.org>
to control@bugs.debian.org.
(Tue, 19 May 2009 11:45:13 GMT) (full text, mbox, link).
Reply sent
to Nico Golde <nion@debian.org>:
You have taken responsibility.
(Tue, 19 May 2009 12:30:12 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer.
(Tue, 19 May 2009 12:30:12 GMT) (full text, mbox, link).
Message #17 received at 528933-close@bugs.debian.org (full text, mbox, reply):
Source: ipsec-tools
Source-Version: 1:0.7.1-1.5
We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:
ipsec-tools_0.7.1-1.5.diff.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.5.diff.gz
ipsec-tools_0.7.1-1.5.dsc
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.5.dsc
ipsec-tools_0.7.1-1.5_amd64.deb
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.5_amd64.deb
racoon_0.7.1-1.5_amd64.deb
to pool/main/i/ipsec-tools/racoon_0.7.1-1.5_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 528933@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated ipsec-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 19 May 2009 13:26:14 +0200
Source: ipsec-tools
Binary: ipsec-tools racoon
Architecture: source amd64
Version: 1:0.7.1-1.5
Distribution: unstable
Urgency: high
Maintainer: Ganesan Rajagopal <rganesan@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
ipsec-tools - IPsec tools for Linux
racoon - IPsec IKE keying daemon
Closes: 528933
Changes:
ipsec-tools (1:0.7.1-1.5) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix multiple memory leaks in NAT traversal and RSA authentication
code of racoon leading to DoS because (CVE-2009-1632; Closes: #528933).
Checksums-Sha1:
81af7eee74e0c5231c3f32a7f33bcbe7a28cda9a 1116 ipsec-tools_0.7.1-1.5.dsc
80afb4b9b5daabfeaf3b2e8a72517874a04277e4 49687 ipsec-tools_0.7.1-1.5.diff.gz
ffb9086d2868049b0822a2d608a2a84db3e3a4f9 104484 ipsec-tools_0.7.1-1.5_amd64.deb
0292b7b1e64a0b90bfd0aa6ab9444d6c8a8447af 408352 racoon_0.7.1-1.5_amd64.deb
Checksums-Sha256:
4acbd0c21fb693b8e00890b8a7ed6527907d1a6b7ff008c8abc92f1f1615194b 1116 ipsec-tools_0.7.1-1.5.dsc
ea8239d665454068ea75946491fa76f4ebce50c56af60441ae30ebbab8a2cb6b 49687 ipsec-tools_0.7.1-1.5.diff.gz
02fe3190fc6f2d550551df5d58ea960a5300ae3d7dbafa35391bf807bc3ed941 104484 ipsec-tools_0.7.1-1.5_amd64.deb
ecc08367bc752d1cff34757a45f6e7ebabb8906914e578b939d7eeaf986bd80b 408352 racoon_0.7.1-1.5_amd64.deb
Files:
950172a25d8d2d363b89ece99bcd5ed5 1116 net extra ipsec-tools_0.7.1-1.5.dsc
42d17f5dec3f94db8da4b1ce93daf5c2 49687 net extra ipsec-tools_0.7.1-1.5.diff.gz
9e59c34cd7c213af53547bec3a10d0c6 104484 net extra ipsec-tools_0.7.1-1.5_amd64.deb
8bdd9cf4a853f241d274518db1136b2d 408352 net extra racoon_0.7.1-1.5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoSmH0ACgkQHYflSXNkfP8mqwCeJXgh/i8lTV0tMQYJxe33bHMD
5nEAn3P6YbTRe8bMfIfUM4xUgLMQiigO
=molp
-----END PGP SIGNATURE-----
Reply sent
to Nico Golde <nion@debian.org>:
You have taken responsibility.
(Fri, 12 Jun 2009 08:06:17 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer.
(Fri, 12 Jun 2009 08:06:17 GMT) (full text, mbox, link).
Message #22 received at 528933-close@bugs.debian.org (full text, mbox, reply):
Source: ipsec-tools
Source-Version: 1:0.7.1-1.3+lenny2
We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:
ipsec-tools_0.7.1-1.3+lenny2.diff.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz
ipsec-tools_0.7.1-1.3+lenny2.dsc
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc
ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
racoon_0.7.1-1.3+lenny2_amd64.deb
to pool/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 528933@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated ipsec-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 18 May 2009 20:03:50 +0000
Source: ipsec-tools
Binary: ipsec-tools racoon
Architecture: source amd64
Version: 1:0.7.1-1.3+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Ganesan Rajagopal <rganesan@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
ipsec-tools - IPsec tools for Linux
racoon - IPsec IKE keying daemon
Closes: 528933
Changes:
ipsec-tools (1:0.7.1-1.3+lenny2) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix multiple memory leaks in NAT traversal and RSA authentication
code of racoon leading to DoS (CVE-2009-1632; Closes: #528933).
Checksums-Sha1:
3775ab19c1f7d511941f6248f1f47b729d223c4c 1144 ipsec-tools_0.7.1-1.3+lenny2.dsc
529f049642cbf2decb8d07a5b279f25e3c02b589 1039057 ipsec-tools_0.7.1.orig.tar.gz
e1bbe3881d011bd8d29f5532c3d534daec0847c9 49472 ipsec-tools_0.7.1-1.3+lenny2.diff.gz
f65a034de3ffb97e8100e9e04749586c07dea8d5 104612 ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
f61f13bb557d590d59bbab15d1e913d37b20622b 409514 racoon_0.7.1-1.3+lenny2_amd64.deb
Checksums-Sha256:
1e60a4b9395b009dfa31c558d32782cdc3f0b379818cb07988eb6f5701284617 1144 ipsec-tools_0.7.1-1.3+lenny2.dsc
69c95651a0851cdfba0887020c1bd33c07ac7f2dd250e09153d6da983f02c2b3 1039057 ipsec-tools_0.7.1.orig.tar.gz
3839173be8419112e0764df68bf0e7601576680277f0cddfe5fe5d079098fa49 49472 ipsec-tools_0.7.1-1.3+lenny2.diff.gz
cb1614f141ef9e2fdad05829cddb51d41d8a3e4ddc9af155f5c298a113c3218f 104612 ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
3004d07723fc02b96e3607948619d319c550badf00a1fea08f3e3a70503d9b9f 409514 racoon_0.7.1-1.3+lenny2_amd64.deb
Files:
46d3f28156ee183512a451588ef414e4 1144 net extra ipsec-tools_0.7.1-1.3+lenny2.dsc
ddff5ec5a06b804ca23dc41268368853 1039057 net extra ipsec-tools_0.7.1.orig.tar.gz
4bc8ba2bd520a7514f2c33021c64e8ce 49472 net extra ipsec-tools_0.7.1-1.3+lenny2.diff.gz
9ec93c697cf64232728d0dd5658efac8 104612 net extra ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
a421f12270f5b22639d67be8d2cc8b4e 409514 net extra racoon_0.7.1-1.3+lenny2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoRwNUACgkQHYflSXNkfP9jeACgkZndrg3KwC5Q53uelYxj6mmU
GhMAn3qnyzakP6fhXh7arog76i6b2Ri/
=RLdK
-----END PGP SIGNATURE-----
Reply sent
to Nico Golde <nion@debian.org>:
You have taken responsibility.
(Sat, 27 Jun 2009 16:30:08 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer.
(Sat, 27 Jun 2009 16:30:08 GMT) (full text, mbox, link).
Message #27 received at 528933-close@bugs.debian.org (full text, mbox, reply):
Source: ipsec-tools
Source-Version: 1:0.7.1-1.3+lenny2
We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:
ipsec-tools_0.7.1-1.3+lenny2.diff.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz
ipsec-tools_0.7.1-1.3+lenny2.dsc
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc
ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
to pool/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
racoon_0.7.1-1.3+lenny2_amd64.deb
to pool/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 528933@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated ipsec-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 18 May 2009 20:03:50 +0000
Source: ipsec-tools
Binary: ipsec-tools racoon
Architecture: source amd64
Version: 1:0.7.1-1.3+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Ganesan Rajagopal <rganesan@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
ipsec-tools - IPsec tools for Linux
racoon - IPsec IKE keying daemon
Closes: 528933
Changes:
ipsec-tools (1:0.7.1-1.3+lenny2) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix multiple memory leaks in NAT traversal and RSA authentication
code of racoon leading to DoS (CVE-2009-1632; Closes: #528933).
Checksums-Sha1:
3775ab19c1f7d511941f6248f1f47b729d223c4c 1144 ipsec-tools_0.7.1-1.3+lenny2.dsc
529f049642cbf2decb8d07a5b279f25e3c02b589 1039057 ipsec-tools_0.7.1.orig.tar.gz
e1bbe3881d011bd8d29f5532c3d534daec0847c9 49472 ipsec-tools_0.7.1-1.3+lenny2.diff.gz
f65a034de3ffb97e8100e9e04749586c07dea8d5 104612 ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
f61f13bb557d590d59bbab15d1e913d37b20622b 409514 racoon_0.7.1-1.3+lenny2_amd64.deb
Checksums-Sha256:
1e60a4b9395b009dfa31c558d32782cdc3f0b379818cb07988eb6f5701284617 1144 ipsec-tools_0.7.1-1.3+lenny2.dsc
69c95651a0851cdfba0887020c1bd33c07ac7f2dd250e09153d6da983f02c2b3 1039057 ipsec-tools_0.7.1.orig.tar.gz
3839173be8419112e0764df68bf0e7601576680277f0cddfe5fe5d079098fa49 49472 ipsec-tools_0.7.1-1.3+lenny2.diff.gz
cb1614f141ef9e2fdad05829cddb51d41d8a3e4ddc9af155f5c298a113c3218f 104612 ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
3004d07723fc02b96e3607948619d319c550badf00a1fea08f3e3a70503d9b9f 409514 racoon_0.7.1-1.3+lenny2_amd64.deb
Files:
46d3f28156ee183512a451588ef414e4 1144 net extra ipsec-tools_0.7.1-1.3+lenny2.dsc
ddff5ec5a06b804ca23dc41268368853 1039057 net extra ipsec-tools_0.7.1.orig.tar.gz
4bc8ba2bd520a7514f2c33021c64e8ce 49472 net extra ipsec-tools_0.7.1-1.3+lenny2.diff.gz
9ec93c697cf64232728d0dd5658efac8 104612 net extra ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
a421f12270f5b22639d67be8d2cc8b4e 409514 net extra racoon_0.7.1-1.3+lenny2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoRwNUACgkQHYflSXNkfP9jeACgkZndrg3KwC5Q53uelYxj6mmU
GhMAn3qnyzakP6fhXh7arog76i6b2Ri/
=RLdK
-----END PGP SIGNATURE-----
Reply sent
to Nico Golde <nion@debian.org>:
You have taken responsibility.
(Fri, 03 Jul 2009 20:33:04 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer.
(Fri, 03 Jul 2009 20:33:04 GMT) (full text, mbox, link).
Message #32 received at 528933-close@bugs.debian.org (full text, mbox, reply):
Source: ipsec-tools
Source-Version: 1:0.6.6-3.1etch4
We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:
ipsec-tools_0.6.6-3.1etch4.diff.gz
to pool/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch4.diff.gz
ipsec-tools_0.6.6-3.1etch4.dsc
to pool/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch4.dsc
ipsec-tools_0.6.6-3.1etch4_amd64.deb
to pool/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch4_amd64.deb
racoon_0.6.6-3.1etch4_amd64.deb
to pool/main/i/ipsec-tools/racoon_0.6.6-3.1etch4_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 528933@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated ipsec-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 18 May 2009 20:07:02 +0000
Source: ipsec-tools
Binary: racoon ipsec-tools
Architecture: source amd64
Version: 1:0.6.6-3.1etch4
Distribution: oldstable-security
Urgency: high
Maintainer: Ganesan Rajagopal <rganesan@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
ipsec-tools - IPsec tools for Linux
racoon - IPsec IKE keying daemon
Closes: 528933
Changes:
ipsec-tools (1:0.6.6-3.1etch4) oldstable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix multiple memory leaks in NAT traversal and RSA authentication
code of racoon leading to DoS because (CVE-2009-1632; Closes: #528933).
Files:
8b561cf84ac9c46ec07b037ce3ad06f1 722 net extra ipsec-tools_0.6.6-3.1etch4.dsc
643a238e17148d242c603c511e28d029 914807 net extra ipsec-tools_0.6.6.orig.tar.gz
7444fb4ad448ccfffe878801a2b88d2e 49875 net extra ipsec-tools_0.6.6-3.1etch4.diff.gz
5ccd4554eec28da6d933dc20a8a39393 89184 net extra ipsec-tools_0.6.6-3.1etch4_amd64.deb
9cee9f8c479a3a2952d2913d7bdc4c5d 343790 net extra racoon_0.6.6-3.1etch4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoRwMUACgkQHYflSXNkfP/7tACcDLhKZfUOceBAPVUSnWut4n0R
Nc0AnRAqWtYVMWdkNYQxFefYlHbjSJLS
=Hs5X
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 01 Aug 2009 07:42:21 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:54:00 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon